CANbus protocol makes this hard. Payloads are limited to 64 bits, to start with. But the payload for each message could be encrypted, even though secure key exchange would be difficult.
It's so hard that (almost) every European manufacturer figured it out.
There is also FlexRay. There is nothing interesting you can do with CANbus on new mercs. Even unencrypted CANbus messages go through gateways that (could) prevent headlights from reporting key presence.
There is a reason that some cars don't have reasonable attack vectors (excluding parachuting the driver out of the car) and some can be started with a screwdriver (or slight more involved way with CANbus). It's not complexity, it's cost.
There is also FlexRay. There is nothing interesting you can do with CANbus on new mercs. Even unencrypted CANbus messages go through gateways that (could) prevent headlights from reporting key presence.
There is a reason that some cars don't have reasonable attack vectors (excluding parachuting the driver out of the car) and some can be started with a screwdriver (or slight more involved way with CANbus). It's not complexity, it's cost.