Sungho Yoon

icon indicating an email [email protected]

icon company Samsung Electronics icon location Korea icon location SSD Security Engineer

Results 6 comments of Sungho Yoon

Capability flags (and many other fields) should be masked before being stored in SPDM context

I agree with this security concern. BTW, in SPDM 1.0 the used bit size is 1byte. Why is the mask 0x0000004f, not 0x000000ff?

Capability flags (and many other fields) should be masked before being stored in SPDM context

I wondered why PSS_CAP is described in SPDM 1.0. Thank you for letting me know the bug

Error message when receiving Challenge via secure session

> I guess below reason: > 1. it is not needed, when you setup session. Authentication is already done. > 2. It will be confusing to construct the transcript. how...

Error message when receiving Challenge via secure session

> It is different from GET_MEAS. because GET_MEAS does not have message_b. I mean the message_b is also distinguished according to session id or no session. So, the transcript used...

Error message when receiving Challenge via secure session

Thank you for your reply. I just want to know why SPDM allows GET_MEASUREMTNS in session, but CHALLENGE does not.

Question about ALGORITHMS for multiple tables

I agree with your comment that "it can return an ERROR response if the Requester has generated an algorithm structure with repeated entries or entries that are in reverse order"....