View Single Post
Old 10-20-2004, 02:17 PM   #23
big_adventure
Scooby Specialist
 
Member#: 40501
Join Date: Jul 2003
Location: Paris, FR
Vehicle:
2005 Decathalon 21sp
One WheelSeanPower

Default

Quote:
Originally Posted by StiDreams
This is very bad news.

(4.7.2) Manufacturers shall request Executive Officer approval of the algorithm used to calculate the CVN. Executive Officer approval of the algorithm shall be based on the complexity of the algorithm and the difficulty in achieving the same CVN with modified calibration values.

This makes it sound like the key generated (CVN) will be unique. The algorithm used should be sufficiently complex so that you can't create another set of bits inside the flash that would generate the same key using this algorithm. If algorithm is sufficiently complex and the key is big enough (triple DES with 1024 bit key or the like), you would never be able to generate a flash file that would create the same key. The only way around this would be to restore the OEM code and reverse all the modifications when you have to do smog. I have always thought that it would come to this. It just sucks that it is now going to be reality.
Well, it might not be so bad, really. Remember, most big industry counts on DCMA (in the US) and the EU's copyright infringement laws to protect proprietary encryption. Thus, they usually don't bother making it particularly strong.

The way it reads, it indicates that the tester will request the coded response, but it does not indicate that the response must consider the request. They will probably use something relatively simple, like CRC-32 or maybe a one-way hash function on a checksum result. Either would make it statistically unlikely that the user could duplicate the results in flash. However, with enough control over the code, or with any piggyback, you will probably be able to just duplicate the "stock" value when it spits the code back to the tester.

All bets are off when OBD-II changes to -III, however. At that point, I would imagine, if they are serious about stopping modders, that they will build in a challenge-response system. The tester will generate an initialization vector value, which will likely be concatenated (or XOR'd) with the checksum value, then encoded by another function. This will make breaking it a lot harder, without access to the guts of the testing equipment.

All that said, a piggyback should still have no problems, provided it does not interfere with OBD-II or -III responses.

-Sean
* Registered users of the site do not see these ads.
big_adventure is offline   Reply With Quote