GM's new E99 ECM in the 2020 C8 Corvettes involves multi-factor authentication involving dealer employees & credentials and a Diffie-Hellman 2048-bit key exchange using a SHA-256 hash digest that is unique for each VIN PCM & TCM.
The Diffie-Hellman 2048/SHA-256 ECM/TCM is not a STATIC security implementation, it is currently un-crackable by even the best in the aftermarket tuning world.
Current estimates to crack Diffie-Hellman 1024 is 35,000,000 core years.
It would take 35 million CPU cores 1 year to crack a single key exchange, and the key exchange is unique for each VIN. Diffie-Hellman 2048
Forget about it, not going to happen.
Now then, a stand-alone aftermarket PCM that could partially bypass the rolling code encryption momentarily will cut off factory instrument cluster, HVAC, audio, BCM, power windows and eventually will obtain an authentication error which will alert On-Star Remote to shut down the car.
None of it will work because it has security dependencies on the factory ECM. Every module that communicates with the PCM/TCM uses 2048-bit Diffie-Hellman key exchange with an SHA-256.
Successfully flash-tuning, reprogramming & otherwise altering the engine control unit to increase power output on the 2020 C8 will be next to impossible.
The anti-hacking encryption written into the electronic control module will block any attempt to "read, write, and/or replace the standard ECU of the C8.
If the ECU detects such an effort, and that programming event fails, the Corvette C8 will enter a "recovery mode" that requires a reboot.
The C8 can be reprogrammed, but that is only GM software, and only by an entity with the proper encryption keys - meaning a trip on a flatbed to the dealer and a sure fire way to completely void your entire warranty.
The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher
Ephemeral Diffie-Hellman This is considered the most secure implementation because it provides perfect forward secrecy. It is generally combined with an algorithm such as DSA or RSA to authenticate one or both of the parties in the connection
Diffie–Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols, as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman.
DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.
Traditionally, secure encrypted communication between two parties required that they first exchange keys by some secure physical means, such as paper key lists transported by a trusted courier.
The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric key cipher.
Diffie–Hellman is used to secure a variety of Internet services. However, research published in October 2015 suggests that the parameters in use for many DH Internet applications at that time are not strong enough to prevent compromise by very well-funded attackers, such as the security services of large governments.
The scheme was published by Whitfield Diffie and Martin Hellman in 1976, but in 1997 it was revealed that James H. Ellis, and Malcolm J. Williamson of GCHQ, the British signals intelligence agency, had previously shown in 1969 how public-key cryptography could be achieved.
Although Diffie–Hellman key agreement itself is a non-authenticated key-agreement protocol, it provides the basis for a variety of authenticated protocols, and is used to provide forward secrecy in Transport Layer Security's ephemeral modes (referred to as EDH or DHE depending on the cipher suite).
The method was followed shortly afterwards by RSA, an implementation of public-key cryptography using asymmetric algorithms.