
Vida CEM swapping

A mid-size luxury crossover SUV, the Volvo XC90 made its debut in 2002 at the Detroit Motor Show. Recognized for its safety, practicality, and comfort, the XC90 is a popular vehicle around the world. The XC90 proved to be very popular, and very good for Volvo's sales numbers, since its introduction in model year 2003 (North America). P2 platform.
RickHaleParker
Posts: 7129
Joined: 25 May 2015
Year and Model: See Signature below.
Location: Kansas
Has thanked: 8 times
Been thanked: 958 times

Re: Vida CEM swapping

Post by RickHaleParker »

vtl wrote: 23 Apr 2022, 11:08 Any real world examples of SPA pin + seed + key?
Seed / key pairs have been dug out of VIDA logs. Each pair leads to 65536 collisions. I am running a proof to determine if all 65536 will work as valid PINs. So far it looks like it is so.
⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙⸙
1998 C70, B5234T3, 16T, AW50-42, Bosch Motronic 4.4, Special Edition package.
2003 S40, B4204T3, 14T twin scroll AW55-50/51SN, Siemens EMS 2000.
2004 S60R, B8444S TF80 AWD. Yamaha V8 conversion
2005 XC90 T6 Executive, B6294T, 4T65 AWD, Bosch Motronic 7.0.

RickHaleParker
Posts: 7129
Joined: 25 May 2015
Year and Model: See Signature below.
Location: Kansas
Has thanked: 8 times
Been thanked: 958 times

Post by RickHaleParker »

I think of one where running a P3 as hex would also produce 65536 collisions. If a SPA was run as BCD it would get the same results you got with the P3. It's not conclusive, but it's looking like what works on a P3 works on a SPA and vice versa, as far as unlocking security level 1 goes.

vtl  
Posts: 4727
Joined: 16 August 2012
Year and Model: 2005 XC70
Location: Boston
Has thanked: 114 times
Been thanked: 606 times

Post by vtl »

That would take around 2h30m using my staged hash algo on a 3GHz CPU using 1 thread. Matching the very first hash hit is a fraction of a second.

RickHaleParker
Posts: 7129
Joined: 25 May 2015
Year and Model: See Signature below.
Location: Kansas
Has thanked: 8 times
Been thanked: 958 times

Post by RickHaleParker »

vtl wrote: 23 Apr 2022, 11:26 That would take around 2h30m using my staged hash algo on a 3GHz CPU using 1 thread. Matching the very first hash hit is a fraction of a second.
I calculated 2.75 hours. I'm thinking, if it can be done, use BCD on the P5 & P6. Everything will go faster. I'm already cooking an algo using your staged hash to beat the UDS timeout on the P5 & P6.

RickHaleParker
Posts: 7129
Joined: 25 May 2015
Year and Model: See Signature below.
Location: Kansas
Has thanked: 8 times
Been thanked: 958 times

Post by RickHaleParker »

Come to think of it the staged hash could be used to speed up your P3 crack if you do it on the host.

RickHaleParker
Posts: 7129
Joined: 25 May 2015
Year and Model: See Signature below.
Location: Kansas
Has thanked: 8 times
Been thanked: 958 times

Post by RickHaleParker »

vtl wrote: 22 Apr 2022, 10:25 The worst case would be a hit with pin 00 99 99 99 99, which would take almost 63 hours at your speed.
00 99 99 99 99, not 99 99 99 99 99?
There might be a way to reduce the maximum number of tries to 16,777,216 by means of brute force. That would be an 83.22% reduction over 00 99 99 99 99.

Assuming what's true for the SPA is true for the P3, do the search in hexadecimal rather than BCD. In hexadecimal there is one collision, no more no less, for each B0, B1 set. ( (B0 B1) B2 B3 B4 ) 256^3 = 16,777,216 ( B2 - B4 ). After you've got a valid Seed / Key pair, switch to BCD for the PIN finder function.

Power6
Posts: 14
Joined: 7 March 2022
Year and Model: 2019 S60
Location: MA
Has thanked: 1 time
Been thanked: 12 times

Post by Power6 »

vtl wrote: 23 Apr 2022, 11:08 Any real world examples of SPA pin + seed + key?
The algorithm is the same, yes. How many examples do you need? I've got plenty ;-) What would you like to see?

I've figured out the algorithm has some properties useful for security hashing that make the result always unique: the set of possible results per seed is maximal with no repeats, in a pseudo-random order, for security of course. So no need to find every PIN match; you can look at a small set and always find a single match. This can be done with just ~17 million possible (2^24).

I see you are doing things a different way, breaking down the hashing, which is beyond my capability, but I am wondering if you have come to the same conclusion, that the actual set of PINs you need to check to find a match is not very large. Rick had been trying to explain your process to me, but I can't quite follow your code...

Power6
Posts: 14
Joined: 7 March 2022
Year and Model: 2019 S60
Location: MA
Has thanked: 1 time
Been thanked: 12 times

Post by Power6 »

RickHaleParker wrote: 23 Apr 2022, 11:36 I calculated 2.75 hours. I thinking if it can be done use BCD on the P5 & P6. Everything will go faster. I already cooking a algo using your staged hash to beat the UDS timeout on the P5 & P6.
Thanks for adding some clarity, Rick. Are you talking about getting around the security timeout for seed/key on the ECU? That would be needed, but it's beyond me! One thing I have discovered is that the timeout from the ECU is rudimentary: it doesn't time out for a bad key, it times out from any 3 seed/key operations within a time frame, even successful ones!

RickHaleParker
Posts: 7129
Joined: 25 May 2015
Year and Model: See Signature below.
Location: Kansas
Has thanked: 8 times
Been thanked: 958 times

Post by RickHaleParker »

Power6 wrote: 23 Apr 2022, 13:53 That would be needed, but it's beyond me! One thing I have discovered is that the timeout from the ECU is rudimentary: it doesn't time out for a bad key, it times out from any 3 seed/key operations within a time frame, even successful ones!
Did you get a length measurement of the timeout period?

Power6
Posts: 14
Joined: 7 March 2022
Year and Model: 2019 S60
Location: MA
Has thanked: 1 time
Been thanked: 12 times

Post by Power6 »

Not until I write a tool can I get the timeout worked out; doing it in DSA is too slow, clicking a button.
