It is similar in that it is a key challenge exchange, but that is about it. What is your goal? Depending on what it is I might be able to point you in the right direction time permitting.
There is a lot of extra stuff to stop replay attacks, it also performs some kind of checksum on the responses. The actual alg looks similar in that it is some kind of XOR type of encryption. It looks like a multi part exchange that has a few more steps than the security unlock. We have disassembled the PCM to a high level, but none of the other modules. So to fully emulate it you'd need to do the BCM as well. But I can get some ideas about what the PCM side is doing from the work we have done to date.
Hey Roland,
Id hazard a guess the XOR check sum is likely a CRC-8 checksum. Nissan are known for it on critical messages too.
Security type challenges ive seen documented (by the manufacturer) for other vehicles, is often taking the original value, inverting every bit.
Add specific values to certain bytes, invert it all again, and then send it as the challenge response. All of it carries normally something like a CRC8 checksum too.
This is all on the CANBUS not what the remotes are using.
CAN Messages
in General
Posted
Hey Roland,
Id hazard a guess the XOR check sum is likely a CRC-8 checksum. Nissan are known for it on critical messages too.
Security type challenges ive seen documented (by the manufacturer) for other vehicles, is often taking the original value, inverting every bit.
Add specific values to certain bytes, invert it all again, and then send it as the challenge response. All of it carries normally something like a CRC8 checksum too.
This is all on the CANBUS not what the remotes are using.