Thread: 2017 Duramax

  1. #1
    Member SPi's Avatar
    Join Date
    Jan 2010
    Posts
    58

    2017 Duramax

    Have a client that just took delivery of 3 2017 Duramax trucks. Is there any support for these yet?

  2. #2
    Lifetime Member GMC-2002-Dmax's Avatar
    Join Date
    Dec 2005
    Posts
    1,294

    NOPE..........BE A LONG TIME MOST LIKELY

    Rumor is the ECM is locked down like an Apple Phone as far as encryption.........many roadblocks in the way, and some may be almost impossible to remove !!
    www.mscservices.net


    Tuner of many, many Duramax and Cummins Diesels.


  3. #3
    Lifetime Member GMPX's Avatar
    Join Date
    Apr 2003
    Posts
    13,148

    There is no encryption as such but there are SHA-256 signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128-bit password protected.
    Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable.
    I no longer monitor the forum, please either post your question or create a support ticket.

  4. #4
    Member
    Join Date
    Jan 2006
    Posts
    60

    Quote Originally Posted by GMPX View Post
    There is no encryption as such but there are SHA-256 signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128-bit password protected.
    Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable.

    Hi, does anyone know what tool was used to confirm the JTAG/BDM is 128-bit password protected? Any board pictures available?
    tks

  5. #5
    Senior Member
    Join Date
    Dec 2015
    Posts
    126

    Quote Originally Posted by GMPX View Post
    There is no encryption as such but there are SHA-256 signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128-bit password protected.
    Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable.

    SHA-256 is just a hashing algorithm. It's pretty easy to generate as long as you know exactly what generates it. (Hiding exactly what makes the hash is a sort of weak form of encryption I guess you can say).

    What makes a signature is when you somehow encrypt that hash, and store that encrypted hash in the file. Then the program will take that encrypted hash and decrypt it using a key (public key if asymmetric). From there it takes the encrypted hash and checks it against the rest of the file by running the hash algorithm. (Sometimes it will check it against the actual hash stored in the file).

    Your solution is to find that public key/key and swap it out with your own. This might not be doable through OBD2 flashing. It really depends how they implemented it.
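
The difference between a hash and a signature described in the post above, as an added example that is not part of the original thread and is not GM's or EFILive's code. It assumes a toy textbook RSA scheme with constructed keys and constructed segment bytes; the thread does not say which signature algorithm the ECM actually uses.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_key(p, q):
    """Toy RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(segment):
    """SHA-256 of the segment as an integer. Anyone can compute this."""
    return int.from_bytes(hashlib.sha256(segment).digest(), "big")

def sign(segment, private):
    """Textbook RSA: raise the hash to the private exponent (no padding)."""
    n, d = private
    return pow(digest(segment), d, n)

def verify(segment, signature, public):
    """What a verifier holding only the public key can check."""
    n, e = public
    return pow(signature, e, n) == digest(segment)

def demo():
    # Constructed keys from Mersenne primes: fine for a demo, unusable in practice.
    vendor_pub, vendor_priv = make_key(2**127 - 1, 2**521 - 1)
    _, other_priv = make_key(2**89 - 1, 2**607 - 1)
    original = b"constructed segment: limit=100"
    modified = b"constructed segment: limit=999"
    sig = sign(original, vendor_priv)
    return {
        "original + vendor signature": verify(original, sig, vendor_pub),
        "modified + old signature": verify(modified, sig, vendor_pub),
        "modified + bare SHA-256": verify(modified, digest(modified), vendor_pub),
        "modified + other signer": verify(modified, sign(modified, other_priv), vendor_pub),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:30} accepted={accepted}")
```

Only the first case is accepted: recomputing SHA-256 over changed data is trivial, but without the matching private key no value passes the public-key check.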

  6. #6
    Lifetime Member GMPX's Avatar
    Join Date
    Apr 2003
    Posts
    13,148

    I would expect the ECM bootblock would contain the public key as that is the part of the ECM that is doing the validation during the reflash.
    When the controller is flashed a hash is sent up to the ECM for the data to be flashed for each cal segment (I don't recall the exact size, maybe 800 bytes or so), we have to assume this hash is generated with GM's private Key which we will likely never know therefore we cannot generate a valid hash that works with their public key.
    The bootblock is not accessible via OBD-II therefore we cannot replace their public key / hash with our own and sign the calibrations with our own matching private Key either.

    I look at it this way, GM have been working on this for years no doubt and they've chosen SHA-256 because it is not crackable if implemented correctly..... so it is possible they have actually won the battle to keep tuners out (and therefore soon to be watching sales drop off!). So just like the video game console manufacturers appear to have won the battle against game piracy as processing power becomes cheap for them to put in solid signing mechanisms or encryption systems that have yet to be beaten. And think about how many people would be working on that since the PS3 came out in 2006 and only once did anyone get anywhere because SONY made an implementation error on one of their firmware updates that was fixed. But for the last 11 years nobody has beaten the PS3 protection to be able to sign valid signatures for PS3 games.

  7. #7
    Lifetime Member GMC-2002-Dmax's Avatar
    Join Date
    Dec 2005
    Posts
    1,294

    Well..........that was an interesting read :

    https://en.wikipedia.org/wiki/SHA-2

    So at any time they can alter the public and private key ??

    So in effect, they could, as a normal course of business make constant changes to the public and private key ?

    As in, sorry about your luck ???

  8. #8
    Lifetime Member GMPX's Avatar
    Join Date
    Apr 2003
    Posts
    13,148

    Quote Originally Posted by GMC-2002-Dmax View Post
    Well..........that was an interesting read :

    https://en.wikipedia.org/wiki/SHA-2

    My intention behind posting that link was to try to nip in the bud the 'But can't you just' questions.
    So here are some numbers on the older SHA-1 system that GM aren't using and has been replaced with stronger SHA-2 (or SHA-256 as per GM) with no known exploit existing.

    "This attack required over 9,223,372,036,854,775,808 SHA1 computations. This took the equivalent processing power as 6,500 years of single-CPU computations and 110 years of single-GPU computations"
    http://thehackernews.com/2017/02/sha...on-attack.html
    Last edited by GMPX; April 25th, 2017 at 02:02 PM.

  9. #9
    Senior Member
    Join Date
    Dec 2015
    Posts
    126

    Pretty sure that with the current approach the universe will run out of energy before someone finds a SHA2 collision.

    BUT. Vulnerabilities will be found. If not by humans, then computers will find the vulnerabilities. That will knock the number down significantly just like it did with SHA1.

    So there is hope (if you can call it hope). But... At the point it comes to fruition I doubt anyone is going to be concerned with 20 year old Duramax engines.

  10. #10
    Lifetime Member GMPX's Avatar
    Join Date
    Apr 2003
    Posts
    13,148

    Quote Originally Posted by GMC-2002-Dmax View Post
    So in effect, they could, as a normal course of business make constant changes to the public and private key ?

    If they did then it breaks their own compatibility in a way. They could by all means change the Keys if they released say an E41A controller, or E41B controller.
    Let's (safely) assume there is only a handful of people at GM that know their private signing key for a particular controller so they can be reflashed via OBD-II. We know it is impossible to reverse engineer what that key value might be so the only way to get the private key is from one of those people. Imagine tomorrow EFILive released tuning for this E41 where we could correctly sign the calibrations so when it is processed with the public key in the ECM it works out, GM are not going to turn a blind eye to that and heads would roll and lawyers would smell blood, it's not a good situation at all.
    Maybe there is an exploit that someone will discover down the track, who knows.

    Quote Originally Posted by GMC-2002-Dmax View Post
    As in, sorry about your luck ???
    Quote Originally Posted by Snipesy View Post
    So there is hope (if you can call it hope). But... At the point it comes to fruition I doubt anyone is going to be concerned with 20 year old Duramax engines.
    Unfortunately, yes that about sums it up.

    Would a flood of letters to GM explaining that cutting off aftermarket alterations is going to be detrimental to their sales once word gets out actually change anything? Probably not and it may be external pressures have forced them to take this path. As soon as this finds its way into the gas controllers (which I assume it will) then GM will be in trouble with their performance cars, nobody wants to go see ten 2018 Corvettes run the exact same times down the drag strip because nobody can tune them, that would be embarrassing really.
