Pages: 1 2 3 [4] 5
Author Topic: Bosch MG1 Ecu for VAG  (Read 46976 times)
prj
Hero Member
*****

Karma: +1072/-481
Offline Offline

Posts: 6037


« Reply #45 on: August 08, 2019, 12:39:09 AM »

Only PPC, No Aurix.
Logged

PM's will not be answered, so don't even try.
Log your car properly - WinOLS database - Tools/patches
cherry
Sr. Member
****

Karma: +26/-2
Offline Offline

Posts: 260


« Reply #46 on: August 08, 2019, 01:17:34 AM »

Seems there is also a CMD beta version for MDG1. I expect other tools will follow soon.
Logged
nyet
Administrator
Hero Member
*****

Karma: +608/-168
Online Online

Posts: 12270


WWW
« Reply #47 on: August 08, 2019, 08:37:31 AM »

There is a fundamental misunderstanding as to what the purpose of encryption is.

It is to secure a channel between two trusted parties against attack by a *3rd* party.

In this case, there are only two parties, only one of which is trusted.
Logged

ME7.1 tuning guide
ECUx Plot
ME7Sum checksum
Trim heatmap tool

Please do not ask me for tunes. I'm here to help people make their own.

Do not PM me technical questions! Please, ask all questions on the forums! Doing so will ensure the next person with the same issue gets the opportunity to learn from your ex
nihalot
Full Member
***

Karma: +41/-3
Offline Offline

Posts: 117


« Reply #48 on: August 08, 2019, 11:56:37 AM »

There is a fundamental misunderstanding as to what the purpose of encryption is.

It is to secure a channel between two trusted parties against attack by a *3rd* party.

In this case, there are only two parties, only one of which is trusted.

I think you're the on who's misunderstood encryption
the 2nd case is a perfectly valid use case(to protect code/calibration from any party other than the OEM)

https://en.wikipedia.org/wiki/Encryption
Logged

www.tangentmotorsport.com

multimap/LC/rolling antilag for MG1/MED17/EDC17/MED9/EDC15

contact for reverse engineering services of any ECU/TCU
nyet
Administrator
Hero Member
*****

Karma: +608/-168
Online Online

Posts: 12270


WWW
« Reply #49 on: August 08, 2019, 12:53:23 PM »

I think you're the on who's misunderstood encryption
the 2nd case is a perfectly valid use case(to protect code/calibration from any party other than the OEM)

https://en.wikipedia.org/wiki/Encryption


Entirely incorrect. The 2nd party is either in possession of the private key(s), or the hardware can be compromised to be forced to use a different public key (or none at all) for verification.

Encryption was NEVER meant to solve this problem, because fundamentally it cannot as long as the untrusted party has physical access.

How do you think corporate firewalls do MITM?
Logged

ME7.1 tuning guide
ECUx Plot
ME7Sum checksum
Trim heatmap tool

Please do not ask me for tunes. I'm here to help people make their own.

Do not PM me technical questions! Please, ask all questions on the forums! Doing so will ensure the next person with the same issue gets the opportunity to learn from your ex
d3irb
Full Member
***

Karma: +134/-1
Offline Offline

Posts: 195


« Reply #50 on: August 08, 2019, 01:08:02 PM »

Entirely incorrect. The 2nd party is either in possession of the private key(s), or the hardware can be compromised to be forced to use a different public key (or none at all) for verification.

Encryption was NEVER meant to solve this problem, because fundamentally it cannot as long as the untrusted party has physical access.

How do you think corporate firewalls do MITM?

This was the point I was trying to make. Outside of highly-research-oriented and never practically implemented homomorphic encryption, there is no theoretical way to fully protect an endpoint for which the untrusted party has physical access.

However, there are practical hardening methods that are commonly employed in the industry for these situations: a scenario where a manufacturer wishes to remotely update consumer-owned hardware without giving the consumer access. Where do we find those situations? Mobile phones and game consoles. Rather than being dismissive and rude like others in this thread, we would do well to learn from the trust chain and boot process protections in these kind of devices as this is the direction ECUs will go.
Logged
dragon187
Full Member
***

Karma: +13/-15
Offline Offline

Posts: 106


« Reply #51 on: August 08, 2019, 02:10:17 PM »

Later I can post damos for this ecu.
2.0tfsi
3.0tfsi
 Grin

can not upload 7mb
MG1 2,0 R4 4V TFSI EA888 GEN3 BZ MQB A1_8V0907115C_0002.rar
Logged
nihalot
Full Member
***

Karma: +41/-3
Offline Offline

Posts: 117


« Reply #52 on: August 09, 2019, 12:44:47 AM »

Entirely incorrect. The 2nd party is either in possession of the private key(s), or the hardware can be compromised to be forced to use a different public key (or none at all) for verification.

Encryption was NEVER meant to solve this problem, because fundamentally it cannot as long as the untrusted party has physical access.

How do you think corporate firewalls do MITM?

Public key cryptography wasn't meant to solve this problem.
Encryption by definition doesn't have any such limitation
Logged

www.tangentmotorsport.com

multimap/LC/rolling antilag for MG1/MED17/EDC17/MED9/EDC15

contact for reverse engineering services of any ECU/TCU
Geremia
Jr. Member
**

Karma: +11/-10
Offline Offline

Posts: 27


« Reply #53 on: August 12, 2019, 06:18:45 AM »

I've not been at school too much, but here encryption is used for fw upgrade over an insecure channel (canbus), to avoid 3rd party to grab it and load it into idapro for static analysis.
RSA is used for authentication and integrity verification (signed hash), for the trust chain (same as consoles, smartphones...).
But this happens in ecus since years, nothing new in mg1, except a more secure locking of MCU (where the trust chain starts).
Logged
nyet
Administrator
Hero Member
*****

Karma: +608/-168
Online Online

Posts: 12270


WWW
« Reply #54 on: August 12, 2019, 10:56:53 PM »

Public key cryptography wasn't meant to solve this problem.
Encryption by definition doesn't have any such limitation


Encryption absolutely has that limitation, whether public cryptography is used or not. The decryption key is in the hands of an untrusted party. There are only two parties here, not three.
Logged

ME7.1 tuning guide
ECUx Plot
ME7Sum checksum
Trim heatmap tool

Please do not ask me for tunes. I'm here to help people make their own.

Do not PM me technical questions! Please, ask all questions on the forums! Doing so will ensure the next person with the same issue gets the opportunity to learn from your ex
nyet
Administrator
Hero Member
*****

Karma: +608/-168
Online Online

Posts: 12270


WWW
« Reply #55 on: August 12, 2019, 11:01:14 PM »

except a more secure locking of MCU (where the trust chain starts).

Which means private information (and associated challenge/response code) that is stored inside the ecu itself which is difficult (but not impossible) to physically disable, modify, or extract.

Most of these mechanisms (e.g. TCPM) are sold by people who are not being honest about what cryptography can and can't do. They're adding physical security to mathematical encryption to artificially provide the trusted 2nd party, making the user the untrusted 3rd party. Mathematical encryption alone CANNOT provide the solution they are selling.

They never tell the truth, and most people have zero idea what is actually being sold.
Logged

ME7.1 tuning guide
ECUx Plot
ME7Sum checksum
Trim heatmap tool

Please do not ask me for tunes. I'm here to help people make their own.

Do not PM me technical questions! Please, ask all questions on the forums! Doing so will ensure the next person with the same issue gets the opportunity to learn from your ex
pc1010
Newbie
*

Karma: +0/-0
Offline Offline

Posts: 13


« Reply #56 on: August 13, 2019, 02:21:57 AM »

can not upload 7mb
MG1 2,0 R4 4V TFSI EA888 GEN3 BZ MQB A1_8V0907115C_0002.rar
Maybe split file on smaller pieces Smiley
Logged
nihalot
Full Member
***

Karma: +41/-3
Offline Offline

Posts: 117


« Reply #57 on: August 16, 2019, 10:42:59 PM »

Encryption absolutely has that limitation, whether public cryptography is used or not. The decryption key is in the hands of an untrusted party. There are only two parties here, not three.
Just because a method doesn't exist ATM doesn't mean it never will
Encryption from wiki- encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.

Authorized and unauthorized parties. No limit on the number.
Logged

www.tangentmotorsport.com

multimap/LC/rolling antilag for MG1/MED17/EDC17/MED9/EDC15

contact for reverse engineering services of any ECU/TCU
nyet
Administrator
Hero Member
*****

Karma: +608/-168
Online Online

Posts: 12270


WWW
« Reply #58 on: August 16, 2019, 10:46:47 PM »

Just because a method doesn't exist ATM doesn't mean it never will
Encryption from wiki- encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.

Authorized and unauthorized parties. No limit on the number.

That is a ridiculously simplistic definition of encryption and not at all representative of reality, nor does it even vaguely describe actual real life implementations which have fundamental limitations which are not from the technology, but rather from the math and information theory as a whole.

I have NO idea why you think that dumbed down one sentence summary from WP is somehow magically authoritative.
« Last Edit: August 16, 2019, 10:48:45 PM by nyet » Logged

ME7.1 tuning guide
ECUx Plot
ME7Sum checksum
Trim heatmap tool

Please do not ask me for tunes. I'm here to help people make their own.

Do not PM me technical questions! Please, ask all questions on the forums! Doing so will ensure the next person with the same issue gets the opportunity to learn from your ex
nihalot
Full Member
***

Karma: +41/-3
Offline Offline

Posts: 117


« Reply #59 on: August 16, 2019, 11:35:54 PM »

That is a ridiculously simplistic definition of encryption and not at all representative of reality, nor does it even vaguely describe actual real life implementations which have fundamental limitations which are not from the technology, but rather from the math and information theory as a whole.

I have NO idea why you think that dumbed down one sentence summary from WP is somehow magically authoritative.
I'm not talking about existing systems, I'm talking about you limiting the definition to a minimum of 2 authorized parties
I'd like to see a source that says that 2 is the lower limit and NO research is being done in this regard and mathematicians have completely given up hope on encryption in a 1 authorized party system

Edited for clarity
« Last Edit: August 16, 2019, 11:41:39 PM by nihalot » Logged

www.tangentmotorsport.com

multimap/LC/rolling antilag for MG1/MED17/EDC17/MED9/EDC15

contact for reverse engineering services of any ECU/TCU
Pages: 1 2 3 [4] 5
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Page created in 0.027 seconds with 17 queries. (Pretty URLs adds 0s, 0q)