Pages: 1 [2]
Author Topic: Why is there NO discussion about component protection?  (Read 7840 times)
Wommesz
Newbie
*

Karma: +2/-0
Offline Offline

Posts: 10


« Reply #15 on: September 10, 2021, 08:44:53 AM »

For what it's worth, the little information I have:

The Audi radio unit (4G1035053) has the component protection information at offsets 0x7A66-7AB5 and/or 0x7FB0-0x7FFF.
The eeprom is a standard 24c256 which should be readable by a CH341A usb programmer in-circuit if you can get the wires connected.

Supposedly, copying over that bit of information from one radio unit to the other is enough to make it work in a different car.
Logged
H2Deetoo
Full Member
***

Karma: +21/-1
Offline Offline

Posts: 233


« Reply #16 on: September 11, 2021, 03:35:58 PM »

For VW PQ platform I can say that units which are matched share the same key.
This shared key is stored in the eeprom of the unit but not in plain format but encrypted with a unique key for each unit.
So copying eeprom data (that area where the share key would be stored) will not work.

The handshake is initiated by the master (=cluster) and sends some encrypted data back and forth so both parties can verify if the use the same key.

I believe the VW MQB platform uses a similar (if not same) approach but there the gateway is the master.
(But I haven't studied this further though.)


Rgs H2Deetoo
Logged
Pages: 1 [2]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Page created in 0.012 seconds with 17 queries. (Pretty URLs adds 0s, 0q)