Calculating key from seed for UDS service 27(Security access)

Question

Is there any different method for calculating key for security access service except taking 2's complement.If it is so please explain

Answer 1

The algorithm for the key calculation of SecurityAccess service depends on the particular ECU specification. To make it hard to gain access without permission usually a algorithm which requires a shared-secret-key is used (only known by the ECU and by the applications who need access).

Commonly used algorithms are i.e.

• Bitwise XOR operation on the seed
• Bitwise Shift and/or Rotation on the seed
• AES Encryption/Decryption of the seed (symmetric)
• RSA Encryption/Decryption of the seed (asymmetric)
• Combinations of these

If you asked this question to find out how the SecurityAccess on a particular ECU works, there is no way to know without the ECU specification or lots of reverse-engineering.

If you asked this question to decide on a good algorithm to be used for a new ECU, it is highly advisable to use a widely adopted cryptographic algorithm instead of reinventing it because the established algorithms are designed and reviewed by field-experts (i.e. AES-256).

Answer 2

Somewhat "standard" seems the usage of XTEA algorithm: https://en.wikipedia.org/wiki/XTEA I have seen several ECUs using it.

The (UDS) service is implemented to give secure access to internal parameters of the ECU only to approved personnel. The procedure is simple:

• Request the seed from the ECU
• So if you have the master key you can generate with the XTEA and the seed the individual KEY.
• Send seed and KEY within allowed time frame (2 secs ? implementation dependent?) back
• ==> unlocked

Now the supported UDS commands (some are standardized, some are implementation dependent) are free to use.