IBM Corp v. Security First Innovations LLC

1. Case Identification

• Case #: IPR2025-01200
• Patent #: 8,271,802
• Petitioner(s): International Business Machines Corporation
• Patent Owner(s): Security First Innovations, LLC
• Challenged Claims: 1-27

2. Patent Overview

• Title: Secure Data Parser
• Brief Description: The ’802 patent is directed to a method and system for securing a data set by encrypting the data, creating integrity information, and then splitting the encrypted data, encryption key, and integrity information into a plurality of “shares.” The shares are stored in separate locations, and the original data set is restorable by accessing a subset of the total shares.

3. Grounds for Unpatentability

Ground 1: Obviousness over Torre and Tajima - Claims 1-3, 5, 9-12, 14, 18-21, 23, and 27 are obvious over Torre in view of Tajima.

• Prior Art Relied Upon: Torre (Application # 2003/0065656) and Tajima (Application # 2003/0028493).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Torre taught a system for "shredding" data into shares that could be stored securely and retrieved from a subset of those shares, meeting the patent’s redundancy requirements. Torre also disclosed creating integrity information via a SHA-1 digital signature and encrypting the data. However, Torre’s method of using a "tag" to reconstruct the data did not explicitly teach including the encryption key within the tag. Petitioner asserted that Tajima remedied this deficiency by teaching the division of encrypted personal information into data portions and explicitly including information regarding the encryption key with the data fragments for later reconstruction. Petitioner contended the combination of Torre's shredding and integrity system with Tajima's method of including the encryption key met the limitations of the independent claims.
  • Motivation to Combine: Petitioner argued a person of ordinary skill in the art (POSITA) would combine Torre and Tajima because both references addressed the same problem of secure, distributed data storage. A POSITA would recognize that Torre's system required the encryption key for decryption during data restoration and would have looked to known techniques, like that in Tajima, to provide it. Furthermore, Torre disclosed that its tags could include "input parameters used" for a transformation, and the encryption key is such a parameter. Petitioner also argued for modifying Torre's data allocation method with Tajima's method of splitting data into portions of "arbitrary length" to improve security, a modification motivated by Torre's disclosure that its remapping schemes were not limited.
  • Expectation of Success: A POSITA would have had a reasonable expectation of success because combining the references amounted to applying a known technique (Tajima's key handling) to improve a similar device (Torre's system) in a predictable way. Implementing the modification would have involved standard programming, well within the skill of a POSITA.

Ground 2: Obviousness over Orsini and Torre - Claims 1-5, 9-14, 18-23, and 27 are obvious over Orsini in view of Torre.

• Prior Art Relied Upon: Orsini (Application # 2004/0049687) and Torre (Application # 2003/0065656).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner contended that Orsini, a patent application from three of the four inventors of the ’802 patent, was substantially identical to the patent’s specification and disclosed nearly all claimed features, including encrypting a data set, generating a session master key, and splitting the data and key into shares for redundant storage. However, Petitioner argued that Orsini failed to expressly teach a mechanism for creating and verifying the integrity of the restored data. Torre, as in Ground 1, disclosed using a SHA-1 digital signature to generate integrity information and verify data upon reconstruction. The combination of Orsini's secure storage framework with Torre's integrity verification method allegedly rendered the claims obvious.
  • Motivation to Combine: A POSITA would have been motivated to add Torre’s integrity-checking functionality to Orsini's system to ensure that reconstructed data was identical to the original, a fundamental goal of any secure storage system. Torre provided a well-known, standard method (digital signatures) to accomplish this necessary verification step, making it a logical and desirable addition to the system disclosed in Orsini.
  • Expectation of Success: Petitioner asserted there was a high expectation of success because the combination involved augmenting a known system (Orsini) with a standard, complementary feature (Torre's integrity check) to achieve a predictable and beneficial result.

Ground 3: Obviousness over Torre, Tajima, and Krawczyk - Claims 6, 15, and 24 are obvious over the combination of Torre, Tajima, and Krawczyk.

• Prior Art Relied Upon: Torre (Application # 2003/0065656), Tajima (Application # 2003/0028493), and Krawczyk ("Secret Sharing Made Short," a 1993 cryptography conference paper).

• Core Argument for this Ground:

  • Prior Art Mapping: This ground built upon the primary Torre/Tajima combination from Ground 1, which taught including encryption key data within the stored shares. For claims 6, 15, and 24, which specifically required that the data indicative of the encryption key be created using a "Shamir algorithm," Petitioner introduced Krawczyk. Krawczyk taught a "secret sharing" technique that explicitly used a Shamir secret sharing scheme to split an encryption key into multiple shares for secure distribution.
  • Motivation to Combine: A POSITA, having already combined Torre and Tajima, would have been motivated to further enhance the security of the encryption key itself. The simple splitting taught in the base combination could be improved. Krawczyk provided a known, more robust cryptographic technique (Shamir's algorithm) specifically designed for this purpose, making it an obvious choice for improving the security of the key stored in the shares.
  • Expectation of Success: Success was expected because the modification involved applying a well-known cryptographic algorithm for its intended purpose (securing a key) within an existing secure storage framework, resulting in a predictable improvement in security.

• Additional Grounds: Petitioner asserted additional obviousness challenges based on combinations including Aldridge (for data scrambling within shares), Foster (for encrypting the encryption key itself with a second key), and further combinations involving Orsini, Torre, Krawczyk, and Foster.

4. Relief Requested

• Petitioner requests institution of IPR for claims 1-27 of the ’802 patent, a finding that the challenged claims are unpatentable, and cancellation of those claims.