http://www.duramaxforum.com/forum/20...ed-period.html

Hope this is not true !!!!!

L5P and after will never be tuned. Period.
Folks this is my first post, so I thought I would come in with a bang. Lol.

Background: I drove Ford trucks from High School in the mid 80's to a new 2011 F-350. Never owned a GM truck in my life. Had all the problems with the Navistar 6.0's and 6.4's then three radiators and 2 blown turbos on the 2011 6.7, done with FoMoCo......which resulted in a 2013 Ram 3500 and then a 2015 Ram 3500 in my driveway. Sold the 2015 Ram 3500 this spring and went the summer without a truck, mainly because I didn't want another Ram of the same generation as my previous two, and, the new 2017 Superduty's are RIDICULOUSLY priced with minimal discounts.....nice trucks though.

So I'm driving by the local Chevy dealer last week, and sitting out front is a 2017 Regular Cab/LB loaded LTZ Duramax. Took it for a test drive and LOVED IT. Power for days, quiet, and it's been 25 years since I owned a regular cab truck.....a real man's truck as my Pop's always said. $58K MSRP, year-end clearance marked at $49K and I got them down to $45K....$13K off MSRP is not a bad deal + it fit's in my garage on the house instead of all the way out in the shop.

So Friday I had it at the dealer to get the TSB 17-NA-171 ECM/TCM updates done, and while I'm waiting I run into the dealership IT manager who I know quite well since my company has provided IT support services for them off and on for years. Big dealership, multiple locations all over the state, so he oversees a lot. Being a 25-year veteran IT Engineer/Manager myself, we got into a detailed discussion on the back-end architecture/process of how the new Duramax ECM/TCM is programmed and updated. WOW.

GM's Phase-1 overall process involves multi-factor authentication involving dealer employees/credentials and a Diffie-Hellman 2048 bit key exchange using a SHA-256 hash digest that is unique for each VIN ECM/TCM. The implementation is well thought out and done correctly, and put quite simply, there is no attack surface to exploit. GM's implementation of software key management coupled with unique features in hardware allow them to change any of this dynamically from model year to model year, or even production job to production job. The main concept to keep in mind is this is not a STATIC security implementation restricted by hardware limits where once cracked, always cracked (essential in developing an aftermarket solution). In the unlikely event of an exploit, GM can dynamically alter their system, and via On-Star (which uses the same system) issue OTA updates (whether you have an active subscription or not) or send update notices in the mail. Remember, this is simply a key exchange update process, something that every Wi-Fi hot spot does routinely.

Based on years of personal experience, IMHO the aftermarket will not be tuning or modifying these trucks ever.

Diffie-Hellman 2048/SHA-256 if implemented correctly as done by GM, is un-crackable......even by the NSA. Current estimates to crack Diffie-Hellman 1024 is 35,000,000 core years.....ie it would take 35 million cpu cores 1 year to crack a single key exchange.....and the key exchange is unique for each VIN#. Diffie-Hellman 2048bit???......forget about it, not going to happen.

Furthermore, I mentioned Phase-1 above....which on the L5P does not encrypt the actual software on the ECM/TCM. Phase-2 roll-out in the next gen trucks (as well as Corvette and other vehicles) is full encryption of the key exchange and module software.

From what I was told, Ford and Fiat/Chrysler are not far behind.

I've had several trucks tuned over the years, and I hate the emissions crap on these new trucks as much as anyone, but, I'm afraid we are nearing the end of an era.

At least they gave us 450HP and 900+ ft-lbs of torque stock......there are worse things!!