Chevy and GMC Duramax Diesel Forum banner

L5P and after will never be tuned. Period.

644K views 1K replies 189 participants last post by  Melonhead1102 
#1 ·
Folks this is my first post, so I thought I would come in with a bang. Lol.

Background: I drove Ford trucks from High School in the mid 80's to a new 2011 F-350. Never owned a GM truck in my life. Had all the problems with the Navistar 6.0's and 6.4's then three radiators and 2 blown turbos on the 2011 6.7, done with FoMoCo......which resulted in a 2013 Ram 3500 and then a 2015 Ram 3500 in my driveway. Sold the 2015 Ram 3500 this spring and went the summer without a truck, mainly because I didn't want another Ram of the same generation as my previous two, and, the new 2017 Superduty's are RIDICULOUSLY priced with minimal discounts.....nice trucks though.

So I'm driving by the local Chevy dealer last week, and sitting out front is a 2017 Regular Cab/LB loaded LTZ Duramax. Took it for a test drive and LOVED IT. Power for days, quiet, and it's been 25 years since I owned a regular cab truck.....a real man's truck as my Pop's always said. $58K MSRP, year-end clearance marked at $49K and I got them down to $45K....$13K off MSRP is not a bad deal + it fit's in my garage on the house instead of all the way out in the shop.

So Friday I had it at the dealer to get the TSB 17-NA-171 ECM/TCM updates done, and while I'm waiting I run into the dealership IT manager who I know quite well since my company has provided IT support services for them off and on for years. Big dealership, multiple locations all over the state, so he oversees a lot. Being a 25-year veteran IT Engineer/Manager myself, we got into a detailed discussion on the back-end architecture/process of how the new Duramax ECM/TCM is programmed and updated. WOW.

GM's Phase-1 overall process involves multi-factor authentication involving dealer employees/credentials and a Diffie-Hellman 2048 bit key exchange using a SHA-256 hash digest that is unique for each VIN ECM/TCM. The implementation is well thought out and done correctly, and put quite simply, there is no attack surface to exploit. GM's implementation of software key management coupled with unique features in hardware allow them to change any of this dynamically from model year to model year, or even production job to production job. The main concept to keep in mind is this is not a STATIC security implementation restricted by hardware limits where once cracked, always cracked (essential in developing an aftermarket solution). In the unlikely event of an exploit, GM can dynamically alter their system, and via On-Star (which uses the same system) issue OTA updates (whether you have an active subscription or not) or send update notices in the mail. Remember, this is simply a key exchange update process, something that every Wi-Fi hot spot does routinely.

Based on years of personal experience, IMHO the aftermarket will not be tuning or modifying these trucks ever.

Diffie-Hellman 2048/SHA-256 if implemented correctly as done by GM, is un-crackable......even by the NSA. Current estimates to crack Diffie-Hellman 1024 is 35,000,000 core years.....ie it would take 35 million cpu cores 1 year to crack a single key exchange.....and the key exchange is unique for each VIN#. Diffie-Hellman 2048bit???......forget about it, not going to happen.

Furthermore, I mentioned Phase-1 above....which on the L5P does not encrypt the actual software on the ECM/TCM. Phase-2 roll-out in the next gen trucks (as well as Corvette and other vehicles) is full encryption of the key exchange and module software.

From what I was told, Ford and Fiat/Chrysler are not far behind.

I've had several trucks tuned over the years, and I hate the emissions crap on these new trucks as much as anyone, but, I'm afraid we are nearing the end of an era.

At least they gave us 450HP and 900+ ft-lbs of torque stock......there are worse things!!
 
See less See more
#4 ·
No it has not. No third party has programmed the L5P ecm and no one will. There are no out of the box solutions currently available that retain the factory ecm.

Sure GB and others could develop aftermarket ecm's that could replace the factory ECM on a track/race truck with Autometer Gauges, aftermarket hvac and aftermarket audio......but none of the factory instrument cluster, HVAC, audio, BCM, human interface modules, power windows, steering, etc......NONE of it will work because it has security dependencies on the factory ECM. Every module that communicates with the ECM/TCM uses 2048 bit Diffie-Hellman key exchange with a SHA-256 hash.....and aftermarket ecm's will not have any of that.....useless for a daily/street driven truck.

I worked at AC-Delco for two years after I graduated from Purdue when all of the protocols and technology was being developed for OBD-II in the 1996 model year.....I saw the beginnings of whats going on today back then.

Encryption security is simply math. It's absolute and inviolable and it's been coming for a long time.
 
#5 ·
Not trying to troll here fella's.......just the facts about how this technology works.

GM expended a lot of R&D $$$ developing this system. Unless they specifically allow it....maybe via a factory special program with a major aftermarket company for limited editions, etc.....I can't see how the aftermarket is going to develop anything for these new systems going forward.
 
#6 ·
EFILive (some pretty smart guys) gave up on L5P ECM.

Quote from their forum MOD:

"There is no encryption as such but there is SHA-256 signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128bit password protected.

Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable."
 
#1,209 ·
Went back to the beginning of this thread and seen this. Post #8 @M.A.M. damn near hit the nail on the head.
 
  • Like
Reactions: dubbleu and M.A.M.
#11 ·
 
#13 ·
Curious to see how this plays out after the truck's warranty runs out. Are you telling me that when my A/C breaks outside the warranty period I will have to get GM's blessing to fix it????
 
#16 ·
Not necessarily......it depends. I think the compressor/evap/receiver-drier could be replaced, but, the electronic control module??.....maybe not.....at least without the dealer programming it correctly for your truck. I don't know how far yet GM has implemented vehicle wide integration, but, based on what I know about the ECM/TCM, it could be all on-board systems/devices.

Again guys, no intent to troll here or be chicken little the sky is falling, but, I made an impulse purchase on this new truck and I like it. Finding out the way GM implemented technology in this truck after the fact doesn't change that, and is not a knock on GM. The company got really serious about securing these 2017+ vehicles and the methods used are in line with the latest advances in my industry. This is all good 99% of the time......except for the aftermarket performance industry.

70 KSI Hydroformed frame, refined and full power Duramax + Allison trans in a 3/4 ton truck vs the rattling and derated Cummins in the 3/4 ton Ram 2500 with the 68RFE trans (can't get the Aisin in the Ram 2500).....this is a TRUCK. IFS that doesn't cup and bevel the front tires inside of 5k miles like the other live axle trucks.......AFAICT, the only difference between the Silverado 2500 and 3500 is an additional helper spring in the back, a higher rated GVWR sticker, and the dually option.
 
  • Like
Reactions: zert100
#15 ·
I’m thinking the EPA has come down hard on manufacturers and his is their response.

Looks like if this is the case I’ll be holding onto the LML for a long while.

Personally I’m not shocked nor am I pissed about this.

BUT


IF THEY WOULD SPEND THIS MUCH R&D ON THEIR FREAKING EMISSIONS BOAT ANCHORS PEOPLE WOULD BE LESS OPT TO GO AROUND THIER SH*T TO BEGIN WITH!!!!!!!


Clown a$$ F-ers



PS Semper Devil.


Sent from my iPhone using Tapatalk
 
#18 ·
John Deere did this a few years ago - you want to "fix" your tractor? Call this 800 number, get an auth code for your new "authentic" JD part - Need to "field fix" to get whatever done ASAFP? Your SoL.

JD set the precedent and didn't lose sales...guess what?

We've had this Discussion, and M.A.M I know you "think" this is going to happen in a year, but, it's not. Unless we see someone piggy back the ECU we won't be seeing tuning on these L5P's for the factory ECU. Standalone, to make the L5P run - sure - That aint mass market Factory ECU tuning.

Who is out of warranty? I'll pay for a new oil pressure sender for you, send it to you, and you replace it...then find out you need a trip to the dealer to make the damn thing START. - yep - each I/O for the ecu has to be paired with the ECU or it all faults and "no va"(Spanish Chevy Joke! No Va = No go). At least on most of the major PID's I've checked, there is a header signature in the raw data packets for each PID channel if this is not there, that Input faults the system.

I'd love to see it tuned, but, it's not going to happen. - Maybe ProEFI will do a duramax base file and include the CAN2 proto's -


As far as OnStar on the Wire updates to your ECU - Get that Edge insight and plug it in - it will block Onstar from reading/writing to the ECU. (grin)
 
#19 ·
The key point here is that cost barriers for oem's to lock down their on-board systems are low with current technology. In the past that was not the case.

As Nacho said, once these systems are in place, no one is going to do anything with them unless the oem allows it.
 
#20 ·
  • Like
Reactions: Dmax_NW
#27 ·
I absolutely love, how for years if anyone mentioned they had Banks equipment on their Dmax, they were scorned and ridiculed by the forum masses.

Now everyone is looking to Banks, for salvation in the L5P tuning.
 
#28 ·
Only idiots would have done that. Banks tuning is just fine, but for custom stuff efi live is better. 99% of people would have been totally happy running banks tunes on their older models.

The only reason banks is able to play around is cuz he is part of the military/osh kosh contract
 
#29 · (Edited)
Hence the title of this thread......EFILive gave up on L5P.....Banks and other inline boxes will be the only option for these trucks.

From EFILive Forum Mod:

"There is no encryption as such but there is SHA-256 signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128bit password protected.

Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable."
 
#35 ·
Gale had the cleanest smokeless canned tunes out, way back before that was the thing to have. So for now if we are going to have run inline tuners with the DPF still on we have to have smokeless tuning to avoid throwing codes. I've got faith in Gale to bring a decent product to market.
 
  • Like
Reactions: sailor9908
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top