1. Reading (not modifying) data from antifuse memory in a Raspberry Pi RP2350 microcontroller
That’s correct.
That said, chip modifications are done on the same FIB machine. The cost estimate still seems accurate to me.
Atomic-Scale Limitations: At 5nm, we’re approaching atomic limits (silicon atoms are ~0.2nm). The physics of matter at this scale creates fundamental boundaries that better equipment cannot overcome.
H100s are manufactured on TSMC’s “3nm” node (a brand name), which has a gate pitch of 48 nm and a metal pitch of 24 nm. The minimum feature size is 9-12 nm, according to Claude.
You are not at the physical limitations:
Gallium-based FIB circuit edits can go down to ~7 nm.
Helium-based FIB circuit edits (~3-5x more expensive than gallium FIB) can go down even further, to 1-2 nm.
3D Transistor Structures: Modern 5nm chips use FinFET or GAAFET 3D structures rather than planar transistors. The critical parts are buried within the structure, making them fundamentally more difficult to access without destroying them.
I’d attack the silicon from the backside of the wafer. Currently, nearly no chip has conductive traces or protection mechanisms on the backside, and you can directly get to the transistors & gates without needing to penetrate the interconnect structure on the front side of the wafer.
(Though I want to flag that I heard that there is a push to have power distribution on the backside of the wafer. So this might become harder in 2-6 years.)
I also want to flag that the attack we are discussing here (modifying the logic within the H100 die) is the most advanced invasive attack I can currently think of. Another, simpler attack is to read out the secret key used for authentication. Or, even simpler, you could replace the CEC1736 Root-of-Trust chip on the H100 PCB (which authenticates the H100 onboard flash) with a counterfeit one.
A paper that further elaborates on the attack vectors is coming out in 2-3 months.