(Back to overview)
What means "Change RSA key" ?
In the last years in engine control units (ECUs) more and more the
That cause large problems for the tuner, who wants to have a reliable checksum correction system.
In general a simple checksum correction is impossible, because the used algorithm is still secure, see here
Because the complete RSA calculation is time-consuming and the delay between switching on the ECU and
starting the engine should not be too long, the programmers use short cuts. These short cuts reduce the
security of the algorithm and made it possible to calculate the EDC16 checksum.
The introduction of the MED/EDC17 ECUs with Tricore processor made more computing power available,
so that the precision of the calculation could be increased. Unfortunately we as a producer of checksum
correction systems cannot find out, which precision is checked in an ECU.
Therefore we created the switch "Change RSA key
If this switch is off
, the procedure known from the EDC16 is used, which calculates a result that is
correct, if the ECU works with less precision. This works fine at some EDC17, but not on all.
If the switch is active
, the existing public key is exchanged against an own public key, from which
the secret key is known. Then the result can be calculated with full precision. This public key is
not located in the data area, but in the operating system of the ECU, so that this memory area must
also be programmed. However the program in the ECU prevents that, so this cannot be done via OBD2 programming.
If the programming is done via Bootmode, the ECU has no control over that procedure, so that it is mostly possible.
Unfortunately the Tricore processor has the possibility to make some memory areas one time programmable so that no
update is possible. In these cases the ECU is secure for the actual state of
knowledge and no tuning is possible.