DODGE RAM FORUM - Ram Forums and Owners Club! - Dodge Truck Forum

Go Back   DODGE RAM FORUM - Ram Forums and Owners Club! - Dodge Truck Forum > Dodge Ram Forum - General Discussion > 2011 Dodge Ram Forum


Notices

2011 Dodge Ram Forum For specific discussion of the 2011 Dodge Ram!


Latest Vendor News
AutoAnything
Addictive Desert Designs!
Bayou Goat Mounts

Reply
 
Thread Tools
  #31  
Old 02-22-2012, 01:51 PM
dixiejwo dixiejwo is offline
Dodge Ram Forum Senior Member!
 
Join Date: Nov 2011
Age: 37
Posts: 88
Gender: Male
Vehicle: 2012 Ram 2500
Rep Power: 0
Rep:11
dixiejwo is on a distinguished road
Default

I should say that it's not unreasonable to think someone like 22Dasher could download, decrypt, modify encrypt, and reupload his PCM code. It would be quite an involved project but there's probably not a huge technical barrier to doing that. (Disclaimer: I've never been inside one of these units so it may be 100% proprietary stuff. But probably not.)

Now based on his description of tools and process I seriously doubt that he did. And even if he had those skills it's even less likely that he was able to interpret what he decrypted and modify it into a usable (and improved!) engine map. So I'd bet heavily on "didn't happen".
Reply With Quote
Sponsored links
  #32  
Old 02-22-2012, 01:57 PM
snrusnak's Avatar
snrusnak snrusnak is offline
Dodge Ram Forum Senior Member!
 
Join Date: Jan 2011
Location: Orlando
Age: 27
Posts: 13,288
Gender: Male
Vehicle: 2010 Dodge Ram 1500
Trim Level: SLT
Color: White
Engine: 2008-20?? 287ci (4.7L) PowerTech V8 310hp 330lb/ft
Rep Power: 12
Rep:1385
snrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud of
Default

Also notice he has seemed to vanish...
__________________
Sean

Breathing in and out is good enough for me.
Reply With Quote
  #33  
Old 02-22-2012, 02:22 PM
Ironsides Ironsides is offline
Dodge Ram Forum Senior Member!
 
Join Date: Sep 2011
Posts: 145
Gender: Male
Vehicle: 2009 Dodge Ram 1500 CC 4X4
Trim Level: SLT Big Horn
Color: Black
Engine: 2009-20?? 345ci (5.7L) Hemi V8 390hp 407lb/ft
Rep Power: 0
Rep:44
Ironsides is on a distinguished road
Default

Quote:
Originally Posted by dixiejwo View Post
I am a software developer (electrical engineer by training) who's been involved in a lot of PC and embedded projects over the years. Perhaps I can shed some light on what's going on with these tuners. First some background...

An encryption system in its most basic flavor relies on two things: an encrypted payload that usually looks like random scrambled characters and a key that can be used to decrypt it. It can get quite a bit more complex but those two elements always exist. The key can be a number of things...it might be a password that's in your head (like in the case of encrypting your hard drive) or a large string of numbers stored somewhere else (like in the case of online banking) or even something completely random.

Since encryption algorithms are generally known and published, the encrypted payload can theoretically be descrambled mathematically without knowing the key. The reason encryption is effective is simply that the math problem is hard and it takes a very, very long time to solve, even for a computer. Having the key fills in one of the variables and makes the problem trivial to solve. Barring a huge leap in computer technology or mathematics (especially prime numbers) the encrypted data is safe unless the attacker has the key.

The challenge here likely has nothing to do with breaking the encryption. That's not realistic or even necessary. The PCM code may be encrypted but the truck sitting in your driveway already knows how to decrypt that code. It must or it couldn't use the code either. Each of our trucks already has both the key and the decryption code in it. The trick is to find it.

(For what it's worth the situation is similar to DVD movies. They are distributed encrypted but, of course, your DVD player must know how to decrypt them or they're useless. So between the DVD and the DVD player one or the other has the key. And it's all over the Internet now too.)

The challenges they're facing are probably:

1. Finding the key. It could theoretically be on any connected piece of silicon in the truck. And it's not like there's a comment that says "KEY STARTS HERE"...it'll probably look very similar to the encrypted code itself. There may be multiple.

2. Identifying the encryption algorithm. Usually not hard since you probably had to decompile the loader routines to locate the key(s) anyway. Sometimes you get lucky with trial and error. Other times they've done something homegrown and you have to implement it line by line.

3. Dealing with the fact that each of our trucks probably has a different key. If I were designing the system for maximum security I'd do that and make sure whatever component held the key was electrically isolated from the OBDII port. That would make it very difficult to create a universal programmer that was convenient for the end user (read: marketable).

(Does anyone know how the dealer flashes our trucks? Via a cable to that port? Or do they remove the unit and plug it in to something else? That process would be similar to what a tuner would have to do.)

4. Getting the lawyers to approve it. It's kind of a gray area but the DMCA has been used to prosecute people for subverting encrypted systems. The argument would be that Chrysler wrote the PCM code and encrypted it (in part) to prevent theft of trade secrets by other automakers. Producing and marketing a device that can decrypt that code as a tuner would have to do would probably violate Chrysler's rights under the DMCA. The law that protects Chrysler's IP might inadvertently prevent you from tuning your truck.


As I understand it there actually is case law around #4 from when Apple started encrypting their BIOS code a number of years ago. I don't know a whole lot about it but I'm pretty sure that's part of the reason why you still can't legally buy a commercial product that lets you run MacOS on your PC.

Issues #1 and #2 above are completely solvable by someone with the right tools, knowledge, time and a Dodge truck. My guess is that #3 and #4 are the real challenges...trying to package something that's fit for the end consumer and keeping Chrysler from suing you. After all if they didn't mind trucks under warranty being tuned then they wouldn't have bothered encrypting it in the first place.

My bet is we'll see something right about 2015 when the 2012s start going out of warranty.
I'm guessing Chrysler came up with their own encryption method. I'd also be inclined to think that there's 2 algorithms that need to be cracked. An algorithm that translates the VIN and the PCM Serial Number into the encryption key, and the encryption algorithm itself. That's how I'd do it anyway.

I disagree with your terminology though. Cracking the encryption method is a form of breaking the encryption. Given that, the problems with reprogramming the 2011+ Chrysler vehicles has everything to do with breaking the encryption.
Reply With Quote
  #34  
Old 02-22-2012, 02:54 PM
dodgert's Avatar
dodgert dodgert is offline
Dodge Ram Forum Senior Member!


 
Join Date: Mar 2011
Location: alpharetta ,ga
Posts: 4,433
Gender: Male
Vehicle: 2011 dodge ram rt
Trim Level: rt
Color: brilliant black pearl
Engine: 2009-20?? 345ci (5.7L) Hemi V8 390hp 407lb/ft
Rep Power: 8
Rep:1061
dodgert has much to be proud ofdodgert has much to be proud ofdodgert has much to be proud ofdodgert has much to be proud ofdodgert has much to be proud ofdodgert has much to be proud ofdodgert has much to be proud ofdodgert has much to be proud of
Default

I think this says it all

__________________
Reply With Quote
  #35  
Old 02-22-2012, 03:28 PM
dixiejwo dixiejwo is offline
Dodge Ram Forum Senior Member!
 
Join Date: Nov 2011
Age: 37
Posts: 88
Gender: Male
Vehicle: 2012 Ram 2500
Rep Power: 0
Rep:11
dixiejwo is on a distinguished road
Default

Quote:
Originally Posted by Ironsides View Post
I'm guessing Chrysler came up with their own encryption method.
Not likely. Almost no one does that because there's little chance of improvement and a large chance of creating a security hole. Encrypted data isn't secured by the obscurity of the algorithm but by the mathematics behind it. Most accepted encryption algorithms are completely public - including the one we use to encrypt financial transactions. Even the large software companies don't try to reinvent encryption algorithms.

Quote:
Originally Posted by Ironsides View Post
I'd also be inclined to think that there's 2 algorithms that need to be cracked. An algorithm that translates the VIN and the PCM Serial Number into the encryption key, and the encryption algorithm itself. That's how I'd do it anyway.
I tend to agree with the part about the derived key. That seems like a sensible way to do it though I'm pretty sure I read somewhere that it's a "rolling" code.

Here: http://www.diablosport.com/index.php...topic&p=176722

Quote:
Originally Posted by Ironsides View Post
I disagree with your terminology though. Cracking the encryption method is a form of breaking the encryption. Given that, the problems with reprogramming the 2011+ Chrysler vehicles has everything to do with breaking the encryption.
Just nomenclature I guess. Unlikely that they'll have to crack the encryption algorithm itself (see above) but they may have to "crack" some of the procedural stuff around it like key generation, loading, protocol, and so forth.
Reply With Quote
  #36  
Old 02-22-2012, 04:30 PM
Ironsides Ironsides is offline
Dodge Ram Forum Senior Member!
 
Join Date: Sep 2011
Posts: 145
Gender: Male
Vehicle: 2009 Dodge Ram 1500 CC 4X4
Trim Level: SLT Big Horn
Color: Black
Engine: 2009-20?? 345ci (5.7L) Hemi V8 390hp 407lb/ft
Rep Power: 0
Rep:44
Ironsides is on a distinguished road
Default

Quote:
Originally Posted by dixiejwo View Post
Not likely. Almost no one does that because there's little chance of improvement and a large chance of creating a security hole. Encrypted data isn't secured by the obscurity of the algorithm but by the mathematics behind it. Most accepted encryption algorithms are completely public - including the one we use to encrypt financial transactions. Even the large software companies don't try to reinvent encryption algorithms.



I tend to agree with the part about the derived key. That seems like a sensible way to do it though I'm pretty sure I read somewhere that it's a "rolling" code.

Here: http://www.diablosport.com/index.php...topic&p=176722



Just nomenclature I guess. Unlikely that they'll have to crack the encryption algorithm itself (see above) but they may have to "crack" some of the procedural stuff around it like key generation, loading, protocol, and so forth.
I didn't mean that Chrysler came up with a new algorithm, they probably used AES, I just meant that their encryption probably uses a combination of hardware and software, given that they have control over both. So it's not quite as straightforward as software encryption. Using rolling codes would make sense. I wouldn't use anything like that in my work, but I wouldn't need to.
Reply With Quote
  #37  
Old 02-22-2012, 05:02 PM
Second Life's Avatar
Second Life Second Life is offline
Dodge Ram Forum Senior Member!
 
Join Date: Nov 2010
Location: Outaouais, Quebec, Canada
Age: 29
Posts: 235
Gender: Male
Vehicle: 2011 Ram 1500 Crewcab
Trim Level: Outdoorsman 4x4
Color: Deep cherry red
Engine: 2009-???? 345ci (5.7L) Hemi V8 390hp 407lb/ft
Rep Power: 0
Rep:11
Second Life is on a distinguished road
Default

Quote:
Originally Posted by mikel@DiabloSportForum
Bummer, I guess the masses will all have to wait, while your the only one that can tune a 2011 yourself

Please dont take offense, but coming here and claiming to have 4 hours into 'cracking the code' is a bit outrageous.
We have some of the best and brightest minds in this industry working on this, and it has taken some serious time to make it right.
If you got into that ECU in 4 hours, I have a job waiting for you. Shoot, you can work 4 hour days

A little proof would go a long way though, as it sits, we have to say 'no, you didn;t'


Is it just me or is he saying they have cracked the code?
__________________
Truxedo LoPro - Westin Premier 6'' Oval tubes - Sonnax line pressure booster - Dee Zee rubber bed mat - Magnaflow 12259 - K&N Aircharger - Bilstein 5100 set at 2.8'' - BullyDog GT for Hemi Plus
Reply With Quote
  #38  
Old 02-22-2012, 05:13 PM
SS4Luck's Avatar
SS4Luck SS4Luck is offline
Dodge Ram Forum Senior Member!
 
Join Date: Aug 2011
Location: Pleasant Lake, MI
Posts: 3,069
Gender: Male
Vehicle: 2012 1500 Crew Cab
Trim Level: Big Horn 4x4
Color: Bright White Clearcoat
Engine: 2009-20?? 345ci (5.7L) Hemi V8 390hp 407lb/ft
Rep Power: 4
Rep:309
SS4Luck is a jewel in the roughSS4Luck is a jewel in the roughSS4Luck is a jewel in the roughSS4Luck is a jewel in the rough
Default

Quote:
Originally Posted by Second Life View Post
Is it just me or is he saying they have cracked the code?
I think theyve been saying theyve cracked it for a while and that they are working on making sure their work is safe for consumers, getting it to communicate with no errors to the truck and to make so no one can just blatently copy their work (making their own encryption).

thats just what Ive picked up from cruising the DS forum
__________________

2011 Big Horn 4x4 -SnowWhite-
1 7/8ths catless ARH ceramic coated longtubes - Sport mirrors-55W 5000K HID low and fogs-LED EVERYTHING
Reply With Quote
  #39  
Old 02-22-2012, 06:37 PM
snrusnak's Avatar
snrusnak snrusnak is offline
Dodge Ram Forum Senior Member!
 
Join Date: Jan 2011
Location: Orlando
Age: 27
Posts: 13,288
Gender: Male
Vehicle: 2010 Dodge Ram 1500
Trim Level: SLT
Color: White
Engine: 2008-20?? 287ci (4.7L) PowerTech V8 310hp 330lb/ft
Rep Power: 12
Rep:1385
snrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud ofsnrusnak has much to be proud of
Default

^what I get from all of this is "blah blah blah blah blah blah blah. blah."
__________________
Sean

Breathing in and out is good enough for me.
Reply With Quote
  #40  
Old 02-22-2012, 06:44 PM
doug713's Avatar
doug713 doug713 is offline
Dodge Ram Forum Senior Member!
 
Join Date: Jan 2011
Location: Alabama
Age: 42
Posts: 424
Gender: Male
Vehicle: 2011 Dodge Ram
Trim Level: Laramie
Color: Deep Cherry Red Crystal Pearl
Engine: 2009-2012 345ci (5.7L) Hemi V8 390hp 407lb/ft
Rep Power: 0
Rep:33
doug713 is on a distinguished road
Default

^^^^ what he said.....LOL
__________________
Reply With Quote
Reply

Bookmarks

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


Advertisement






All times are GMT -4. The time now is 07:35 AM.


= Copyright RamForumZ.com a Gigathreads.com Network Site =Ad Management by RedTyger
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
vB.Sponsors


=Gigathreads Network=
CLUBS MOPAR NATION DSM GPMM MAMM JAM
DIESEL Diesel Forum      
CHEVY Chevy Camaro Forum Chevy Volt Forum    
CHRYSLER Chrysler 300C Forum      
DODGE Dodge Avenger Forum Dodge Caliber Forum Dodge Challenger Forum Dodge Charger Forum
  Dodge Circuit Forum Dodge Hornet Forum Dodge Magnum Forum Dodge Nitro Forum
  Dodge Ram Forum Dodge Dakota Forum Dodge Durango Forum Dodge Dart Forum
FORD Ford Raptor Forum Ford F150 Forum Ford F100 Forum  
JEEP Jeep Forum      
PONTIAC Pontiac G8 Forum      
SRT SRT Viper Forum SRT Cuda Forum