GM Won't Help Aftermarket Tuners Crack C8's ECU
#21
Le Mans Master
Anything...can be cracked and hacked.
The following 2 users liked this post by frodoz737:
blkvett01 (08-09-2021),
Dirtnap_TX (08-06-2021)
#22
That said, I have not done a capture of the communication from the car yet so I don't know what calls it's making. I have reached out to the people most capable of breaking this to see if they're even looking at it yet.
#23
#24
Race Director
Member Since: Aug 2019
Location: Central Illinois
Posts: 10,089
Received 11,616 Likes on 4,644 Posts
There were several on here that were absolutely adamant that within the first six months of the cars being on the road, it would be hacked and tuned. In a month the third year of build is happening and still nothing.
#25
#26
Moderator
Except that all bus communication between various modules is encrypted.
#27
Le Mans Master
And how does the ECU know the signature is good? I'm assuming they didn't put static keys or generate dynamic keys with a shared salt...
That said, I have not done a capture of the communication from the car yet so I don't know what calls it's making. I have reached out to the people most capable of breaking this to see if they're even looking at it yet.
#28
GM's new E99 ECM in the 2020 C8 Corvettes involves multi-factor authentication involving dealer employees & credentials and a Diffie-Hellman 2048-bit key exchange using a SHA-256 hash digest that is unique for each VIN PCM & TCM.
The Diffie-Hellman 2048/SHA-256 ECM/TCM is not a STATIC security implementation; it is currently uncrackable by even the best in the aftermarket tuning world.
Current estimates to crack Diffie-Hellman 1024 are 35,000,000 core years.
It would take 35 million CPU cores 1 year to crack a single key exchange, and the key exchange is unique for each VIN. Diffie-Hellman 2048?
Forget about it, not going to happen.
Now then, a stand-alone aftermarket PCM that could partially bypass the rolling code encryptions momentarily will cut off the factory instrument cluster, HVAC, audio, BCM, and power windows, and will eventually obtain an authentication error which will alert OnStar Remote to shut down the car.
None of it will work because it has security dependencies on the factory ECM. Every module that communicates with the PCM/TCM uses 2048-bit Diffie-Hellman key exchange with a SHA-256.
Successfully flash-tuning, reprogramming & otherwise altering the engine control unit to increase power output on the 2020 C8 will be next to impossible.
The anti-hacking encryption written into the electronic control module will block any attempt to "read, write, and/or replace" the standard ECU of the C8.
If the ECU detects such an effort, and that programming event fails, the Corvette C8 will enter a "recovery mode" that requires a reboot.
The C8 can be reprogrammed, but only with GM software, and only by an entity with the proper encryption keys - meaning a trip on a flatbed to the dealer and a surefire way to completely void your entire warranty.
The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
Ephemeral Diffie-Hellman – This is considered the most secure implementation because it provides perfect forward secrecy. It is generally combined with an algorithm such as DSA or RSA to authenticate one or both of the parties in the connection.
Diffie–Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman.
DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.
Traditionally, secure encrypted communication between two parties required that they first exchange keys by some secure physical means, such as paper key lists transported by a trusted courier.
The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
Diffie–Hellman is used to secure a variety of Internet services. However, research published in October 2015 suggests that the parameters in use for many DH Internet applications at that time are not strong enough to prevent compromise by very well-funded attackers, such as the security services of large governments.
The scheme was published by Whitfield Diffie and Martin Hellman in 1976, but in 1997 it was revealed that James H. Ellis, Clifford Cocks, and Malcolm J. Williamson of GCHQ, the British signals intelligence agency, had previously shown in 1969 how public-key cryptography could be achieved.
Although Diffie–Hellman key agreement itself is a non-authenticated key-agreement protocol, it provides the basis for a variety of authenticated protocols, and is used to provide forward secrecy in Transport Layer Security's ephemeral modes (referred to as EDH or DHE depending on the cipher suite).
The method was followed shortly afterwards by RSA, an implementation of public-key cryptography using asymmetric algorithms.
Last edited by Red Mist Rulz; 08-06-2021 at 08:20 PM.
#29
This is likely the only way the car will be tuned, but it definitely has its limits compared to modifying the ECU itself.
#30
Drifting
Anyone have Cicio’s Stage 3 kit? They are using a piggyback system.
#31
BTW, Diffie–Hellman is a key exchange and susceptible to MITM attacks. You wouldn't brute force it. What they've done is combined several security methodologies and it'll take someone going through a series of hurdles to break it. This is why it's not been broken in the 2 years it's been out I'm sure. Honestly, if it's not broken by the time my warranty is up, I may sell and buy something more consumer friendly.
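The Diffie–Hellman summary in post #28 and the MITM remark in post #31 both make the same point in words: the key exchange itself gives two parties a shared secret, but nothing in the exchange tells either party who is on the other end, so it has to be paired with an authentication step (the DSA/RSA signing that the #28 text mentions). The Python below is an added example written for this thread, not code from the forum, from GM, or from any vehicle. It uses deliberately small toy parameters (p = 2^127 - 1 with g = 3, constructed and insecure; real deployments use standardized 2048-bit groups) and an HMAC over a constructed pre-shared secret as a stand-in for the signature, since the standard library has no asymmetric signing primitive. It runs the exchange four ways: honest, with an interceptor, and each of those again with the public values authenticated.

```python
import hashlib
import hmac
import secrets

# Toy group parameters (constructed, NOT secure): 2**127 - 1 is prime, g = 3.
# Real deployments use standardized 2048-bit MODP groups (e.g. RFC 3526).
P = 2**127 - 1
G = 3

# Constructed long-term secret shared by the two legitimate endpoints. It stands
# in for the DSA/RSA signing key mentioned in the thread; an HMAC "signature"
# is used only because the stdlib has no asymmetric signature primitive.
AUTH_KEY = b"constructed-long-term-authentication-secret"


def dh_keypair():
    """Ephemeral private exponent x and public value g^x mod p."""
    priv = secrets.randbelow(P - 2) + 1      # 1 <= priv <= p - 2
    return priv, pow(G, priv, P)


def derive_key(shared_secret):
    """Hash the raw DH shared secret into a symmetric key (SHA-256 digest)."""
    return hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()


def authenticate(pub):
    """Tag a public value so the receiver can tell it came from a key holder."""
    return hmac.new(AUTH_KEY, pub.to_bytes(16, "big"), "sha256").digest()


def check(pub, tag):
    return hmac.compare_digest(authenticate(pub), tag)


def run_exchange(mitm=False, authenticated=False):
    """Simulate Alice <-> Bob over a channel that Mallory may control.

    Returns a dict describing whether the exchange was rejected, whether the
    two honest parties ended up with the same key, and (when Mallory is
    present) whether she holds a key in common with each victim.
    """
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    a_tag = authenticate(a_pub) if authenticated else b""
    b_tag = authenticate(b_pub) if authenticated else b""

    if mitm:
        # Mallory substitutes her own public value in both directions. She
        # does not know AUTH_KEY, so the best she can do is a random tag.
        m_priv, m_pub = dh_keypair()
        pub_seen_by_bob, tag_seen_by_bob = m_pub, secrets.token_bytes(32)
        pub_seen_by_alice, tag_seen_by_alice = m_pub, secrets.token_bytes(32)
    else:
        pub_seen_by_bob, tag_seen_by_bob = a_pub, a_tag
        pub_seen_by_alice, tag_seen_by_alice = b_pub, b_tag

    if authenticated:
        # Each side verifies the tag on the public value it received before
        # deriving anything from it; a bad tag aborts the exchange.
        if not (check(pub_seen_by_bob, tag_seen_by_bob)
                and check(pub_seen_by_alice, tag_seen_by_alice)):
            return {"rejected": True, "keys_match": False}

    alice_key = derive_key(pow(pub_seen_by_alice, a_priv, P))
    bob_key = derive_key(pow(pub_seen_by_bob, b_priv, P))
    result = {"rejected": False, "keys_match": alice_key == bob_key}
    if mitm:
        # Without authentication Mallory shares one key with Alice and another
        # with Bob, and can relay or alter traffic between them unnoticed.
        result["mallory_reads_alice"] = derive_key(pow(a_pub, m_priv, P)) == alice_key
        result["mallory_reads_bob"] = derive_key(pow(b_pub, m_priv, P)) == bob_key
    return result


if __name__ == "__main__":
    for mitm in (False, True):
        for auth in (False, True):
            print(f"mitm={mitm} authenticated={auth}:", run_exchange(mitm, auth))
```

The four runs show the whole argument: the honest exchange and the authenticated honest exchange both agree on a key, the unauthenticated interception leaves Alice and Bob with different keys that each match Mallory's, and the authenticated interception is rejected outright because Mallory cannot produce a valid tag for the public value she injected.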
#32
Le Mans Master
In the long term, unmodified cars hold their value the most.
Last edited by RKCRLR; 08-06-2021 at 09:34 PM.
The following 5 users liked this post by RKCRLR:
Chemdawg99 (02-11-2023),
JD'S WHITE 93 (02-12-2023),
OLD_GOAT (08-07-2021),
Phil1098 (08-07-2021),
stevesvette (02-13-2023)
#33
How well do non-repairable cars do?
Here is where I think we're headed: https://www.bloomberg.com/news/featu...00-000-tractor
#34
#35
How well do non-repairable cars do?
Here is where I think we're headed: https://www.bloomberg.com/news/featu...00-000-tractor
#36
Le Mans Master
Short term, yes. Long term, there will be key leaks, and even longer term, the ECU will either be cracked or replaced with something tunable. If not, the long term value of these cars is not going to be good.
BTW, Diffie–Hellman is a key exchange and susceptible to MITM attacks. You wouldn't brute force it. What they've done is combined several security methodologies and it'll take someone going through a series of hurdles to break it. This is why it's not been broken in the 2 years it's been out I'm sure. Honestly, if it's not broken by the time my warranty is up, I may sell and buy something more consumer friendly.
#37
Le Mans Master
Member Since: Dec 1999
Location: One Hour From Boston!
Posts: 6,408
Received 4,684 Likes on 1,862 Posts
"GM Won't Help Aftermarket Tuners Crack C8's ECU"
Aside from Callaway, has GM ever helped any aftermarket tuner with Corvette coding? Why should now be any different?
Last edited by BIG Dave; 08-07-2021 at 01:02 PM.
#38
Burning Brakes
I did hear they may be, or are, throwing Callaway a bone. No doubt a turbo or screw. That has to be a minimum of a 100 HP bump when available for 20-25k.
#39
Team Owner
In 20 years, who's going to have an ECU that will be able to communicate with the rest of the computers in the car? Will there have to be whole car computer replacements to get just one working? Who will be around to program them? Will the computer language now still be around (COBOL, PL1, FORTRAN, etc.)? This is going to get messy in the not too distant future.
#40
The encryption in the C8 is an order of magnitude, or two, more difficult to crack than those cars you mention. As is the checking of encrypted keys between each computer module in the car, which is unique to each individual VIN. Crack the ECU from Car "A" and try to use it in car "B", and it won't work.
If they are using X.509 certificates with a private key stored within an HSM like a FIPS 140-2 container or some sort of TPM, it could be very hard if not impossible to crack this system. Far beyond what some tuner is going to be able to invest in.
Firmware is probably also digitally signed by a trusted CA, so the ECU will first validate the CRC on the download (to ensure not corrupted) and then perform certificate trust path processing to validate it is "authentic" by checking the signing certificate thumbprint hash. With the OnStar system being 2-way, it is also possible they can update this certificate trust and probably revoke certificates as well. If they built some sort of tamper protection in the system, I suppose they could also brick your ECU by revoking whatever certificate it was issued.
I wonder though, if they actually use a common signing key for these modules, or if they are generating new identity / signing certificates for each module as it rolls off the factory line? If they used a single common certificate and someone compromised the private keys, then it would be a big win for the tuner community.
The other approaches suggest just performing a man-in-the-middle attack by placing something between the ECU and the TCM for instance. Depending on how the communication protocol is done, this might also fail if all messages are authenticated and a nonce is used to circumvent playback attacks.
Has anyone put a logic analyzer on the CAN bus and captured some traffic between the ECU and TCM?
I wonder if the private keys are stored in a battery backed SRAM with a tamper detection switch on the ECU module causing those keys to be dumped/zeroized?
If you can open up the ECU while it is running, it might be possible to install an in-circuit emulator or logic analyzer on the microprocessor and snoop on the data bus. If you could identify which section of code is performing the CAN bus message validation and insert some NO-OPs.... you would probably also have to get around any sort of bootloader security they have in place too. If it is anything like Samsung KNOX type security, they may have some e-fuses in there and once a tamper event is detected, they will blow those fuses and then you are TOAST!
Needless to say, I won't be volunteering to tinker with this on my new C8. There is probably some fine print somewhere on my purchase agreement that would be used by GM to sue me into oblivion too.
Last resort is to rip these components out and build your own from scratch, including all the functions of the DCT TCM. The engineering challenge and cost this would incur makes this also very unlikely to occur.
If the GM field techs have a device that allows them to install replacement parts, I would also wonder if the parts come from GM already matched to the vehicle VIN so other modules will accept the signing keys, or does the field tech use a programmer? Might be an opportunity for an exploit there...
If certificate programming is done through some process in the field, could you trick this system into issuing you a new or derivative certificate?
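The post above reasons about two defensive mechanisms that would make the approaches it lists fail: bus messages that are authenticated and carry a freshness value, so a captured frame cannot be replayed, and firmware packages that are checked first for corruption (CRC) and then for authenticity (a signature chained to a trusted certificate). The Python below is an added illustration of both, written for this thread; it is not GM's code and nothing in it was captured from a vehicle. The frame layout, the per-vehicle bus key, the manufacturer key and the monotonic counter (standing in for the nonce the post mentions) are all constructed assumptions, and HMAC-SHA256 stands in for the certificate-based signature because the standard library has no asymmetric signing.

```python
import hmac
import zlib

# Constructed keys. In a real design the bus key would be per-vehicle session
# material derived from the modules' key exchange, and the firmware key would
# be the private half of a certificate issued by the manufacturer's CA.
BUS_KEY = b"constructed-per-vin-session-key"
FIRMWARE_KEY = b"constructed-manufacturer-signing-key"

TAG_LEN = 16   # truncated HMAC-SHA256 tag carried on each bus frame


class Receiver:
    """Bus endpoint that accepts only authenticated, fresh frames.

    Constructed frame layout: counter (4 bytes, big-endian) | payload | tag.
    The counter must strictly increase, so a recorded frame played back later
    is refused even though its tag is still valid.
    """

    def __init__(self, key):
        self.key = key
        self.last_counter = -1      # highest counter accepted so far
        self.accepted = []          # payloads that passed both checks

    def accept(self, frame):
        if len(frame) < 4 + TAG_LEN:
            return False
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, "sha256").digest()[:TAG_LEN]
        if not hmac.compare_digest(expected, tag):
            return False            # forged or modified in transit
        counter = int.from_bytes(body[:4], "big")
        if counter <= self.last_counter:
            return False            # replayed or reordered frame
        self.last_counter = counter
        self.accepted.append(body[4:])
        return True


def build_frame(key, counter, payload):
    """Sender side: counter || payload, tagged with the shared bus key."""
    body = counter.to_bytes(4, "big") + payload
    return body + hmac.new(key, body, "sha256").digest()[:TAG_LEN]


def package_firmware(image):
    """Constructed package layout: image || crc32 (4 bytes) || signature (32 bytes)."""
    crc = zlib.crc32(image).to_bytes(4, "big")
    return image + crc + hmac.new(FIRMWARE_KEY, image + crc, "sha256").digest()


def verify_firmware(package):
    """Return (ok, reason): cheap CRC check first, then the authenticity check."""
    if len(package) < 36:
        return False, "too short"
    image, crc, sig = package[:-36], package[-36:-32], package[-32:]
    if zlib.crc32(image).to_bytes(4, "big") != crc:
        return False, "crc mismatch (corrupted download)"
    good_sig = hmac.new(FIRMWARE_KEY, image + crc, "sha256").digest()
    if not hmac.compare_digest(good_sig, sig):
        return False, "signature mismatch (not authentic)"
    return True, "ok"


def demo():
    """Exercise both mechanisms on constructed inputs and return the outcomes."""
    rx = Receiver(BUS_KEY)
    f1 = build_frame(BUS_KEY, 1, b"torque_request=120")
    f2 = build_frame(BUS_KEY, 2, b"torque_request=125")
    results = {
        "fresh": rx.accept(f1),
        "replay": rx.accept(f1),                        # same frame again
        "next": rx.accept(f2),
        "wrong_key": rx.accept(build_frame(b"not-the-bus-key", 3, b"torque_request=300")),
    }

    good = package_firmware(b"constructed firmware image v1")
    results["firmware_ok"] = verify_firmware(good)[0]
    corrupted = bytearray(good)
    corrupted[0] ^= 0x01                                 # one flipped bit: CRC trips first
    results["firmware_corrupt"] = verify_firmware(bytes(corrupted))[1]
    altered = b"constructed firmware image v1, modified"
    recrc = altered + zlib.crc32(altered).to_bytes(4, "big")
    results["firmware_resigned"] = verify_firmware(recrc + bytes(32))[1]  # valid CRC, no key
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The ordering in verify_firmware mirrors the post's description: a corrupted download is rejected by the CRC before any signature work is done, while a package whose CRC was recomputed to match an altered image still fails, because recomputing the CRC is trivial and producing the signature is not.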