
1 - 20 of 1344 Posts

·
Registered
Joined
·
160 Posts
Discussion Starter #1
Folks this is my first post, so I thought I would come in with a bang. Lol.

Background: I drove Ford trucks from High School in the mid 80's to a new 2011 F-350. Never owned a GM truck in my life. Had all the problems with the Navistar 6.0's and 6.4's then three radiators and 2 blown turbos on the 2011 6.7, done with FoMoCo......which resulted in a 2013 Ram 3500 and then a 2015 Ram 3500 in my driveway. Sold the 2015 Ram 3500 this spring and went the summer without a truck, mainly because I didn't want another Ram of the same generation as my previous two, and, the new 2017 Superduty's are RIDICULOUSLY priced with minimal discounts.....nice trucks though.

So I'm driving by the local Chevy dealer last week, and sitting out front is a 2017 Regular Cab/LB loaded LTZ Duramax. Took it for a test drive and LOVED IT. Power for days, quiet, and it's been 25 years since I owned a regular cab truck.....a real man's truck as my Pops always said. $58K MSRP, year-end clearance marked at $49K and I got them down to $45K....$13K off MSRP is not a bad deal + it fits in my garage on the house instead of all the way out in the shop.

So Friday I had it at the dealer to get the TSB 17-NA-171 ECM/TCM updates done, and while I'm waiting I run into the dealership IT manager who I know quite well since my company has provided IT support services for them off and on for years. Big dealership, multiple locations all over the state, so he oversees a lot. Being a 25-year veteran IT Engineer/Manager myself, we got into a detailed discussion on the back-end architecture/process of how the new Duramax ECM/TCM is programmed and updated. WOW.

GM's Phase-1 overall process involves multi-factor authentication involving dealer employees/credentials and a Diffie-Hellman 2048 bit key exchange using a SHA-256 hash digest that is unique for each VIN ECM/TCM. The implementation is well thought out and done correctly, and put quite simply, there is no attack surface to exploit. GM's implementation of software key management coupled with unique features in hardware allows them to change any of this dynamically from model year to model year, or even production job to production job. The main concept to keep in mind is this is not a STATIC security implementation restricted by hardware limits where once cracked, always cracked (essential in developing an aftermarket solution). In the unlikely event of an exploit, GM can dynamically alter their system, and via On-Star (which uses the same system) issue OTA updates (whether you have an active subscription or not) or send update notices in the mail. Remember, this is simply a key exchange update process, something that every Wi-Fi hot spot does routinely.

Based on years of personal experience, IMHO the aftermarket will not be tuning or modifying these trucks ever.

Diffie-Hellman 2048/SHA-256, if implemented correctly as done by GM, is un-crackable......even by the NSA. Current estimates to crack Diffie-Hellman 1024 are 35,000,000 core years.....i.e. it would take 35 million CPU cores 1 year to crack a single key exchange.....and the key exchange is unique for each VIN#. Diffie-Hellman 2048bit???......forget about it, not going to happen.

Furthermore, I mentioned Phase-1 above....which on the L5P does not encrypt the actual software on the ECM/TCM. Phase-2 roll-out in the next gen trucks (as well as Corvette and other vehicles) is full encryption of the key exchange and module software.

From what I was told, Ford and Fiat/Chrysler are not far behind.

I've had several trucks tuned over the years, and I hate the emissions crap on these new trucks as much as anyone, but, I'm afraid we are nearing the end of an era.

At least they gave us 450HP and 900+ ft-lbs of torque stock......there are worse things!!
 

·
Premium Member
Joined
·
230 Posts
It’s already been tuned. While I agree the current control modules are going to be difficult to crack, it’ll just take some time. The out of the box solutions are already available. Gale has created standalone ecu’s capable of custom tuning. So to say never, has already been disproven.
 

·
Premium Member
Joined
·
165 Posts
> Folks this is my first post, so I thought I would come in with a bang. Lol.
>
> Background: I drove Ford trucks from High School in the mid 80's to a new 2011 F-350. Never owned a GM truck in my life. Had all the problems with the Navistar 6.0's and 6.4's then three radiators and 2 blown turbos on the 2011 6.7, done with FoMoCo......which resulted in a 2013 Ram 3500 and then a 2015 Ram 3500 in my driveway. Sold the 2015 Ram 3500 this spring and went the summer without a truck, mainly because I didn't want another Ram of the same generation as my previous two, and, the new 2017 Superduty's are RIDICULOUSLY priced with minimal discounts.....nice trucks though.
>
> So I'm driving by the local Chevy dealer last week, and sitting out front is a 2017 Regular Cab/LB loaded LTZ Duramax. Took it for a test drive and LOVED IT. Power for days, quiet, and it's been 25 years since I owned a regular cab truck.....a real man's truck as my Pops always said. $58K MSRP, year-end clearance marked at $49K and I got them down to $45K....$13K off MSRP is not a bad deal + it fits in my garage on the house instead of all the way out in the shop.
>
> So Friday I had it at the dealer to get the TSB 17-NA-171 ECM/TCM updates done, and while I'm waiting I run into the dealership IT manager who I know quite well since my company has provided IT support services for them off and on for years. Big dealership, multiple locations all over the state, so he oversees a lot. Being a 25-year veteran IT Engineer/Manager myself, we got into a detailed discussion on the back-end architecture/process of how the new Duramax ECM/TCM is programmed and updated. WOW.
>
> GM's Phase-1 overall process involves multi-factor authentication involving dealer employees/credentials and a Diffie-Hellman 2048 bit key exchange using a SHA-256 hash digest that is unique for each VIN ECM/TCM. The implementation is well thought out and done correctly, and put quite simply, there is no attack surface to exploit. GM's implementation of software key management coupled with unique features in hardware allows them to change any of this dynamically from model year to model year, or even production job to production job. The main concept to keep in mind is this is not a STATIC security implementation restricted by hardware limits where once cracked, always cracked (essential in developing an aftermarket solution). In the unlikely event of an exploit, GM can dynamically alter their system, and via On-Star (which uses the same system) issue OTA updates (whether you have an active subscription or not) or send update notices in the mail. Remember, this is simply a key exchange update process, something that every Wi-Fi hot spot does routinely.
>
> Based on years of personal experience, IMHO the aftermarket will not be tuning or modifying these trucks ever.
>
> Diffie-Hellman 2048/SHA-256, if implemented correctly as done by GM, is un-crackable......even by the NSA. Current estimates to crack Diffie-Hellman 1024 are 35,000,000 core years.....i.e. it would take 35 million CPU cores 1 year to crack a single key exchange.....and the key exchange is unique for each VIN#. Diffie-Hellman 2048bit???......forget about it, not going to happen.
>
> Furthermore, I mentioned Phase-1 above....which on the L5P does not encrypt the actual software on the ECM/TCM. Phase-2 roll-out in the next gen trucks (as well as Corvette and other vehicles) is full encryption of the key exchange and module software.
>
> From what I was told, Ford and Fiat/Chrysler are not far behind.
>
> I've had several trucks tuned over the years, and I hate the emissions crap on these new trucks as much as anyone, but, I'm afraid we are nearing the end of an era.
>
> At least they gave us 450HP and 900+ ft-lbs of torque stock......there are worse things!!

Like I said in the other thread you posted in......Nonsense!
 

·
Registered
Joined
·
160 Posts
Discussion Starter #4
> It’s already been tuned. While I agree the current control modules are going to be difficult to crack, it’ll just take some time. The out of the box solutions are already available. Gale has created standalone ecu’s capable of custom tuning. So to say never, has already been disproven.

No it has not. No third party has programmed the L5P ecm and no one will. There are no out of the box solutions currently available that retain the factory ecm.

Sure GB and others could develop aftermarket ecm's that could replace the factory ECM on a track/race truck with Autometer Gauges, aftermarket hvac and aftermarket audio......but none of the factory instrument cluster, HVAC, audio, BCM, human interface modules, power windows, steering, etc......NONE of it will work because it has security dependencies on the factory ECM. Every module that communicates with the ECM/TCM uses 2048 bit Diffie-Hellman key exchange with a SHA-256 hash.....and aftermarket ecm's will not have any of that.....useless for a daily/street driven truck.

I worked at AC-Delco for two years after I graduated from Purdue when all of the protocols and technology were being developed for OBD-II in the 1996 model year.....I saw the beginnings of what's going on today back then.

Encryption security is simply math. It's absolute and inviolable and it's been coming for a long time.
 

·
Registered
Joined
·
160 Posts
Discussion Starter #5
Not trying to troll here fellas.......just the facts about how this technology works.

GM expended a lot of R&D $$$ developing this system. Unless they specifically allow it....maybe via a factory special program with a major aftermarket company for limited editions, etc.....I can't see how the aftermarket is going to develop anything for these new systems going forward.
 

·
Registered
Joined
·
160 Posts
Discussion Starter #6
EFILive (some pretty smart guys) gave up on L5P ECM.

Quote from their forum MOD:

"There is no encryption as such but there is SHA-256 signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128bit password protected.

Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable."
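
The per-segment signature check described in the quote above, as an added example that is not part of the original post and is not GM or EFILive code. The thread does not name the signature algorithm, so a toy unpadded RSA key over the SHA-256 digest is assumed here, and the segment names and contents are constructed; it shows why recomputing a hash is not the same as producing a signature.

```python
import hashlib

# Toy RSA key from two Mersenne primes so the block needs no third-party
# library. Assumption for illustration: the page does not name the real
# algorithm, and unpadded RSA is not a production signature scheme.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                      # public key, stored in the module
D = pow(E, -1, (P - 1) * (Q - 1))        # private key, held only by the signer


def digest(segment: bytes) -> int:
    """SHA-256 of a segment as an integer (anyone can compute this)."""
    return int.from_bytes(hashlib.sha256(segment).digest(), "big")


def sign_segment(segment: bytes) -> int:
    """Signer side: requires the private exponent D."""
    return pow(digest(segment), D, N)


def verify_segment(segment: bytes, signature: int) -> bool:
    """Module side: requires only the public key (N, E)."""
    return pow(signature, E, N) == digest(segment)


def failed_segments(image: dict) -> list:
    """Names of segments whose stored signature does not match their data."""
    return [name for name, (data, sig) in image.items()
            if not verify_segment(data, sig)]


# Constructed sample image; segment names and contents are made up.
SEGMENTS = {"os": b"os build 0001", "cal_fuel": b"fuel table v1",
            "cal_boost": b"boost table v1"}
SIGNED = {name: (data, sign_segment(data)) for name, data in SEGMENTS.items()}

# Case 1: data changed, original signature left in place.
EDITED = dict(SIGNED, cal_boost=(b"boost table v2", SIGNED["cal_boost"][1]))

# Case 2: data changed and a fresh SHA-256 stored where the signature goes,
# i.e. the field is treated as a plain checksum. The verifier still rejects it.
REHASHED = dict(SIGNED, cal_boost=(b"boost table v2", digest(b"boost table v2")))

if __name__ == "__main__":
    for label, image in [("signed", SIGNED), ("edited", EDITED),
                         ("rehashed", REHASHED)]:
        print(label, "rejected:", failed_segments(image))
```

Only `sign_segment` touches the private exponent; the verifying side holds the public key alone, which is why the check can live in every module without exposing the ability to sign.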
 

·
Premium Member
Joined
·
165 Posts
> EFILive (some pretty smart guys) gave up on L5P ECM.
>
> Quote from their forum MOD:
>
> "There is no encryption as such but there is SHA-256 signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128bit password protected.
>
> Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable."

That's old news.
 

·
Registered
Joined
·
83 Posts
Is it 2012 again? People were actually telling me this about the lml at a dyno event where I was a spectator, standing in front of my lml with twins and efi live tuning. I guess time will tell.
 


·
Registered
Joined
·
160 Posts
Discussion Starter #12
> That's old news.

Yep, 6 months ago.....and no progress or information by ANYONE on programming the L5P ECM in any useful way since then. And aftermarket ECM's do not count as useful. I leased my truck for 24 months, so I will be around for at least a couple of years. Boys I am not a troll. Just highly experienced in matters of digital information security and encryption.

I have no knowledge or experience with previous Duramax ECM's, just what I've discovered on the one in my new truck....and as posted over on EFI live, the ability to tune the factory setup on these trucks is not looking good, and time will not fix that.

Hell, 6 years in 2nd Marines/Recon and a combat tour in Iraq......I can be a bit blunt. Since I'm the FNG here, I'll stow this for now because I'll need your help on a few things I'm sure.

No need for you "brothers" to further feed the troll. Lol.
 

·
Registered
Joined
·
1,071 Posts
Curious to see how this plays out after the truck's warranty runs out. Are you telling me that when my A/C breaks outside the warranty period I will have to get GM's blessing to fix it????
 

·
Premium Member
Joined
·
7,753 Posts
I’m thinking the EPA has come down hard on manufacturers and this is their response.

Looks like if this is the case I’ll be holding onto the LML for a long while.

Personally I’m not shocked nor am I pissed about this.

BUT


IF THEY WOULD SPEND THIS MUCH R&D ON THEIR FREAKING EMISSIONS BOAT ANCHORS PEOPLE WOULD BE LESS APT TO GO AROUND THEIR SH*T TO BEGIN WITH!!!!!!!


Clown a$$ F-ers



PS Semper Devil.


 

·
Registered
Joined
·
160 Posts
Discussion Starter #16
> Curious to see how this plays out after the truck's warranty runs out. Are you telling me that when my A/C breaks outside the warranty period I will have to get GM's blessing to fix it????

Not necessarily......it depends. I think the compressor/evap/receiver-drier could be replaced, but, the electronic control module??.....maybe not.....at least without the dealer programming it correctly for your truck. I don't know how far yet GM has implemented vehicle wide integration, but, based on what I know about the ECM/TCM, it could be all on-board systems/devices.

Again guys, no intent to troll here or be chicken little the sky is falling, but, I made an impulse purchase on this new truck and I like it. Finding out the way GM implemented technology in this truck after the fact doesn't change that, and is not a knock on GM. The company got really serious about securing these 2017+ vehicles and the methods used are in line with the latest advances in my industry. This is all good 99% of the time......except for the aftermarket performance industry.

70 KSI Hydroformed frame, refined and full power Duramax + Allison trans in a 3/4 ton truck vs the rattling and derated Cummins in the 3/4 ton Ram 2500 with the 68RFE trans (can't get the Aisin in the Ram 2500).....this is a TRUCK. IFS that doesn't cup and bevel the front tires inside of 5k miles like the other live axle trucks.......AFAICT, the only difference between the Silverado 2500 and 3500 is an additional helper spring in the back, a higher rated GVWR sticker, and the dually option.
 

·
Registered
Joined
·
412 Posts
John Deere did this a few years ago - you want to "fix" your tractor? Call this 800 number, get an auth code for your new "authentic" JD part - Need to "field fix" to get whatever done ASAFP? You're SoL.

JD set the precedent and didn't lose sales...guess what?

We've had this discussion, and M.A.M I know you "think" this is going to happen in a year, but, it's not. Unless we see someone piggyback the ECU we won't be seeing tuning on these L5P's for the factory ECU. Standalone, to make the L5P run - sure - That ain't mass market Factory ECU tuning.

Who is out of warranty? I'll pay for a new oil pressure sender for you, send it to you, and you replace it...then find out you need a trip to the dealer to make the damn thing START. - yep - each I/O for the ECU has to be paired with the ECU or it all faults and "no va" (Spanish Chevy Joke! No Va = No go). At least on most of the major PID's I've checked, there is a header signature in the raw data packets for each PID channel; if this is not there, that input faults the system.

I'd love to see it tuned, but, it's not going to happen. - Maybe ProEFI will do a duramax base file and include the CAN2 proto's -


As far as OnStar on the Wire updates to your ECU - Get that Edge insight and plug it in - it will block Onstar from reading/writing to the ECU. (grin)
 

·
Registered
Joined
·
160 Posts
Discussion Starter #19
The key point here is that cost barriers for OEMs to lock down their on-board systems are low with current technology. In the past that was not the case.

As Nacho said, once these systems are in place, no one is going to do anything with them unless the OEM allows it.
 
