On older cars that use a PIN, the dealers' tool connects to VW's corporate server (via a VPN), reads the VIN and Immo-ID from the car, and sends those to the server, which looks up and returns the corresponding PIN from the database. The dealers' tool then uses the PIN to do what it needs to do in terms of security functions -- without ever showing the PIN to the dealership. This had a glaring weakness: one could get the PIN by listening in on the connection between the dealers' tool and the car.
On newer cars that use a challenge/response, the dealer's tool connects to VW's corporate server (via a VPN), gets the VIN, Immo-ID and a one-time challenge from the car, and sends them to the server, which computes a response from the challenge, I think using the car's PIN. But the PIN is never sent to the tool, only the response corresponding to the challenge. So the PIN cannot be intercepted by listening, and the algorithm to generate the response from the challenge is not on the tool either, making it difficult to reverse-engineer. Lastly, this is immune to listening in and replaying anything later because the car's challenge changes every time the ignition is cycled.
In the former case, if you have a tool that can read the PIN directly from the car, Bob's your uncle.
In the latter case, even if you can get the PIN, it generally doesn't do you much good because you'd still need the correct algorithm to generate the response from the challenge.
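The two schemes described in the post, modelled side by side as an added example (this is not VW's code or protocol; the VIN, Immo-ID, PIN and the HMAC-SHA256 response function are all constructed stand-ins, since the post does not say what the real response algorithm is). A passive tap on the tool-to-car link records everything that crosses it, and the checks show the difference the post describes: the PIN itself appears in the captured legacy traffic, while in the challenge/response session only the challenge and the response cross the wire, and that response is useless once the ignition has been cycled and the car has issued a fresh challenge.

```python
import hashlib
import hmac
import secrets


def derive_response(pin: str, vin: str, immo_id: str, challenge: bytes) -> bytes:
    """Assumed stand-in for the server-side response function.

    The post only says the server computes the response from the challenge,
    probably using the car's PIN; HMAC-SHA256 keyed with the PIN over the
    car identity and the challenge is a reasonable model, not VW's algorithm.
    """
    key = pin.encode()
    msg = vin.encode() + immo_id.encode() + challenge
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class Car:
    """Immobiliser ECU: holds the secret PIN and issues a fresh challenge per ignition cycle."""

    def __init__(self, vin: str, immo_id: str, pin: str) -> None:
        self.vin = vin
        self.immo_id = immo_id
        self._pin = pin          # never leaves the ECU in the new scheme
        self.challenge = b""

    def cycle_ignition(self) -> None:
        # New random one-time challenge each time the ignition is cycled
        self.challenge = secrets.token_bytes(8)

    def unlock_with_pin(self, pin: str) -> bool:          # legacy scheme
        return hmac.compare_digest(pin.encode(), self._pin.encode())

    def unlock_with_response(self, response: bytes) -> bool:  # challenge/response scheme
        expected = derive_response(self._pin, self.vin, self.immo_id, self.challenge)
        return hmac.compare_digest(response, expected)


class Server:
    """Corporate server reached over the VPN; the tap cannot see this link."""

    def __init__(self, pin_db: dict) -> None:
        self._pin_db = pin_db     # (vin, immo_id) -> PIN

    def lookup_pin(self, vin: str, immo_id: str) -> str:      # legacy
        return self._pin_db[(vin, immo_id)]

    def compute_response(self, vin: str, immo_id: str, challenge: bytes) -> bytes:
        return derive_response(self._pin_db[(vin, immo_id)], vin, immo_id, challenge)


def legacy_session(car: Car, server: Server, tap: list) -> bool:
    """Tool fetches the PIN from the server and sends it to the car; the tap records the link."""
    pin = server.lookup_pin(car.vin, car.immo_id)
    tap.append(("tool->car", pin.encode()))
    return car.unlock_with_pin(pin)


def challenge_response_session(car: Car, server: Server, tap: list) -> bool:
    """Tool relays the car's challenge to the server and the server's response back."""
    tap.append(("car->tool", car.challenge))
    response = server.compute_response(car.vin, car.immo_id, car.challenge)
    tap.append(("tool->car", response))
    return car.unlock_with_response(response)


def pin_on_wire(tap: list, pin: str) -> bool:
    """What a listener on the tool-to-car link learns: did the PIN itself cross it?"""
    return any(payload == pin.encode() for _, payload in tap)


def replay_after_ignition_cycle(car: Car, tap: list) -> bool:
    """Resend the last captured tool->car message after the car has issued a new challenge."""
    car.cycle_ignition()
    last_to_car = [payload for direction, payload in tap if direction == "tool->car"][-1]
    return car.unlock_with_response(last_to_car)


def demo() -> dict:
    # Constructed sample identity and PIN; not a real vehicle
    vin, immo_id, pin = "VIN-EXAMPLE-0001", "IMMO-EXAMPLE-01", "1234"
    server = Server({(vin, immo_id): pin})
    car = Car(vin, immo_id, pin)
    car.cycle_ignition()

    legacy_tap: list = []
    legacy_unlocked = legacy_session(car, server, legacy_tap)

    cr_tap: list = []
    cr_unlocked = challenge_response_session(car, server, cr_tap)

    return {
        "legacy_unlocked": legacy_unlocked,
        "legacy_pin_leaked": pin_on_wire(legacy_tap, pin),      # True: PIN crossed the link
        "cr_unlocked": cr_unlocked,
        "cr_pin_leaked": pin_on_wire(cr_tap, pin),              # False: only challenge/response seen
        "cr_replay_accepted": replay_after_ignition_cycle(car, cr_tap),  # False: stale challenge
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point of the model is the tap: both schemes succeed for the legitimate tool, but only the legacy one puts the secret itself on the observable link, and the captured response in the newer scheme is bound to a challenge that the car has already discarded.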