The unseal code is only 32 bits, right? How long does it take per attempt? Trying all 4 billion combinations might not seem that difficult.
One attempt using mefistotelis' python tool takes around 1s, which includes starting the tool. This can probably be sped up by doing the loop directly in that tool instead of calling it from the command line every time, but iirc the communication protocol officially requires a wait time of 500ms.
Also, officially you need to wait 5 seconds before doing an unseal command, but I tested with a Mavic Pro battery, which uses the same chip but the TI default key, and it also works without extra delay.
Nevertheless this would take way too long (136 years) with just a single battery.
There's software out there (paid, unfortunately) which claims to open them, so either they have hardcoded a set of known keys to try or know a specific backdoor/attack to get in. Anyone with a logic analyser and willing to pay would be able to find that out...
I found a very interesting article about hacking the bq8030 on Karosium from Viktor.
He found a backdoor which allowed him to switch to boot-loader mode and read out the firmware. With this he was able to disassemble the code and extract the key and even identify the non-standard command sequence for that specific Sanyo firmware.
A similar attack could also work with the BQ30Z55.
I'm not sure what the "DJI Battery Killer" can do because I couldn't find a copy of it until now.
If the commercial tools used the SHA1 hash mechanism instead of the 32-bit key, they could do the hash calculation on their server; you would need a different hash every time (challenge-response protocol) and you couldn't extract the key from their tool.
The fact that it's a 16-bit core internally and won't be nearly as secure as something designed with serious crypto may mean that you can guess both halves separately, using the usual timing attacks. Power analysis may also work.
"guess both halves separately" sounds interesting, but I doubt it will work in this case.
The two 16-bit values are written one after the other to the battery over the SMBus interface.
After that you call the unseal command and after some time you can query the result.
Even if the timing is different when e.g. the first 16 bits are correct, over the slow SMBus communication it is probably hard to see such a small timing difference. With direct access to the MCU and knowing how long the key validation function takes it would be feasible. Maybe measuring the MCU current could help here.
The most feasible attack seems to be social engineering.
If anyone from DJI, Asus or the 3rd party tool vendors is listening: please give us the unseal and full access keys for the DJI P3 batteries and Asus laptop batteries.
The DJI Phantom 3 batteries are no longer sold, so it should not be a commercial problem.
If the community continues and finds a backdoor, this could be used for any device which uses this chip. This can be a commercial problem for the other vendors and maybe TI. So do them and TI a favor and share the keys.
Michael
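The "guess both halves separately" remark above, and the reply doubting it, rest on one question: does the firmware's key check stop at the first mismatching half, or does it always do the same amount of work? The following simulation is an added example, not code from this thread, from TI or from any battery firmware; it models a hypothetical check of a 32-bit key held as two 16-bit halves (the key value is constructed for the demo), counts compare steps as a stand-in for time, and lets a simulated observer who sees only that step count try to search the halves independently. Against the early-exit version the search space collapses from 2^32 to about 2·2^16; against the constant-time version it learns nothing and the full 2^32 space (the 136 years quoted earlier at one attempt per second) stands. No hardware or SMBus access is involved.

```python
"""Early-exit versus constant-time key check, simulated (added example).

Hypothetical model: a firmware compares a 32-bit key as two 16-bit halves.
`steps` stands in for observable execution time; nothing here touches a
real device, and DEMO_KEY is a constructed value, not any vendor's key.
"""

# Constructed key for the simulation only.
DEMO_KEY = (0x1234, 0xABCD)

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def check_early_exit(key, guess):
    """Leaky variant: compare half by half and stop at the first mismatch.
    Returns (accepted, steps); steps depends on where the mismatch lies."""
    steps = 0
    for k, g in zip(key, guess):
        steps += 1
        if k != g:
            return False, steps
    return True, steps


def check_constant_time(key, guess):
    """Hardened variant: fold every half into one accumulator, so the work
    done is the same whether the first half matches or not."""
    steps = 0
    diff = 0
    for k, g in zip(key, guess):
        steps += 1
        diff |= k ^ g
    return diff == 0, steps


def recover_with_oracle(check, key=DEMO_KEY):
    """Simulated observer: may submit guesses and sees only (accepted, steps).
    Looks for a guess whose step count exceeds the immediate-mismatch cost,
    treats that as the first half, then searches the second half alone.
    Returns (recovered_key or None, number of attempts made)."""
    attempts = 0
    # Calibrate: a key cannot match three different first halves, so the
    # smallest step count among three probes is the cost of a mismatch.
    probes = []
    for cand in range(3):
        attempts += 1
        probes.append(check(key, (cand, 0))[1])
    baseline = min(probes)

    first = None
    for cand in range(1 << 16):
        attempts += 1
        ok, steps = check(key, (cand, 0))
        if ok:
            return (cand, 0), attempts
        if steps > baseline:       # the check went on to the second half
            first = cand
            break
    if first is None:
        return None, attempts      # no timing difference: halves can't be split

    for cand in range(1 << 16):
        attempts += 1
        ok, _ = check(key, (first, cand))
        if ok:
            return (first, cand), attempts
    return None, attempts


def worst_case_years(search_space, seconds_per_attempt):
    """Time to exhaust a search space at a fixed rate per attempt."""
    return search_space * seconds_per_attempt / SECONDS_PER_YEAR


if __name__ == "__main__":
    for name, check in (("early-exit", check_early_exit),
                        ("constant-time", check_constant_time)):
        key, attempts = recover_with_oracle(check)
        print(f"{name:14s} recovered={key} attempts={attempts}")
    print("full 32-bit space at 1 s/attempt:",
          round(worst_case_years(2 ** 32, 1.0), 1), "years")
    print("two 16-bit halves at 1 s/attempt:",
          round(worst_case_years(2 * 2 ** 16, 1.0) * SECONDS_PER_YEAR / 3600, 1),
          "hours")
```

The observer here sees an exact step count, which is the "direct access to the MCU" case from the reply; over SMBus the one-step difference would be buried in bus timing, as the reply says. From the defender's side the constant-time fold is the cheap fix, and the protocol's mandatory 500 ms spacing and 5 s unseal delay are what keep even a leaky check from being searched quickly.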