Secure Multi-Path Routing with All-or-Nothing Transform for Network-on-Chip Architectures
Hansika Weerasena, Matthew Randall, Prabhat Mishra
TL;DR
The paper tackles confidentiality in Network-on-Chip communications where conventional encryption incurs prohibitive overhead for resource-constrained NoCs. It presents a lightweight framework that combines a quasi-group based All-Or-Nothing Transform with non-overlapping multi-path routing to split and conceal data across two disjoint routes, ensuring that no single router can reconstruct the original message. Key contributions include the design of a quasigroup-based AONT, a disjoint-path routing strategy with blue/red region partitioning and pivot routing, and a comprehensive evaluation showing substantial overhead reductions (about 7.3-fold) and strong eavesdropping resilience (0% under single-router threats, 0.47% under two-router threats) with notable area savings compared to AES. The results demonstrate practical, low-overhead confidentiality for NoC-based SoCs without the need for pre-shared keys, facilitating scalable and secure on-chip communications.
Abstract
Ensuring Network-on-Chip (NoC) security is crucial to design trustworthy NoC-based System-on-Chip (SoC) architectures. While there are various threats that exploit on-chip communication vulnerabilities, eavesdropping attacks via malicious nodes are among the most common and stealthy. Although encryption can secure packets for confidentiality, it may introduce unacceptable overhead for resource-constrained SoCs. In this paper, we propose a lightweight confidentiality-preserving framework that utilizes a quasi-group based All-Or-Nothing Transform (AONT) combined with secure multi-path routing in NoC-based SoCs. By applying AONT to each packet and distributing its transformed blocks across multiple non-overlapping routes, we ensure that no intermediate router can reconstruct the original data without all blocks. Extensive experimental evaluation demonstrates that our method effectively mitigates eavesdropping attacks by malicious routers with negligible area and performance overhead. Our results also reveal that AONT-based multi-path routing can provide 7.3x reduction in overhead compared to traditional encryption for securing against eavesdropping attacks.
