ShieldLink: Retry‑Aware Authenticated Encryption for Secure and Reliable Chiplet Interconnects
Keywords:
Chiplet Interconnect, Authenticated Encryption, ARQ, Gilbert–Elliott model, UCIeAbstract
Chiplet-based systems-in-package increasingly rely on high-speed die-to-die links such as UCIe and CXL, where link- layer retry mechanisms and authenticated encryption are of- ten implemented as separate reliability and security func- tions. This separation can create a time-of-check/time-of- use risk when acknowledgments advance before authentication completes. This study introduces ShieldLink, a retry-aware authenticated-encryption protocol that integrates link-layer delivery, buffer retirement, and cryptographic verification to enable secure and reliable chiplet interconnects. Shield- Link formalizes a deliverability invariant requiring CRC, se- quence, and AEAD verification before receiver advancement. It defines per-frame authentication (Mode A) and epoch authentication (Mode B), evaluates them with a discrete- event Gilbert–Elliott burst-error model, and includes bounded safety exploration plus RTL control-plane resource sizing. Mode A removes the validity-before-verification race while improving goodput by approximately 2.4–2.5 percentage points over the secure naive baseline at representative burst prob- abilities. Mode B improves wire efficiency, reaching about 0.926 at M = 32, but its epoch-retransmission cost causes a crossover around πB ≈ 0.04 under the default β = 0.2 stress regime. The results show that authenticated delivery must be treated as part of retry semantics rather than an afterthought. ShieldLink provides an auditable design invariant and practi- cal guidance on mode selection for future secure chiplet inter- connect adapters, with relevance to SDG 9: Industry, Innovation and Infrastructure.
References
[1] UCIe Consortium, “UCIe Consortium Introduces 3.0 Specification With 64 GT/s Performance and Enhanced Manageability,” Business Wire, Aug. 5, 2025. [Online]. Available: https://www.businesswire.com/news/home/20250805909613/en/UCIe-Consortium-Introduces-3.0-Specification-With-64-GTs-Performance-and-Enhanced-Manageability. Accessed: Dec. 14, 2025.
[2] CXL Consortium, “CXL Consortium Releases the Compute Express Link 4.0 Specification Increasing Speed and Bandwidth,” Nov. 18, 2025. [Online]. Available: https://computeexpresslink.org/wp-content/uploads/2025/11/CXL_4.0-Specification-Release_FINAL_Website-Copy.pdf. Accessed: Dec. 14, 2025.
[3] A. Deric, K. Mitard, S. Tajik, and D. Holcomb, “Evaluating Vulnerability of Chiplet-Based Systems to Contactless Probing Techniques,” arXiv:2405.14821, 2024. doi: 10.48550/arXiv.2405.14821.
[4] J. Talukdar, A. Chaudhuri, J. Kim, S. K. Lim, and K. Chakrabarty, “Securing Heterogeneous 2.5D ICs Against IP Theft Through Dynamic Interposer Obfuscation,” in Proc. DATE, 2023. doi: 10.23919/DATE56975.2023.10137145.
[5] M. Nabeel, M. Ashraf, S. Patnaik, V. Soteriou, O. Sinanoglu, and J. Knechtel, “2.5D Root of Trust: Secure System-Level Integration of Untrusted Chiplets,” IEEE Trans. Comput., vol. 69, no. 11, pp. 1611–1625, Nov. 2020, doi: 10.1109/TC.2020.3020777.
[6] M. Dworkin, “Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC,” NIST SP 800-38D, Nov. 2007. [Online]. Available: https://csrc.nist.gov/pubs/sp/800/38/d/final. Accessed: Dec. 14, 2025.
[7] M. S. Turan et al., “Ascon-Based Lightweight Cryptography Standards for Constrained Devices: Authenticated Encryption, Hash, and Extendable Output Functions,” NIST SP 800-232, Aug. 2025. doi: 10.6028/NIST.SP.800-232. [Online]. Available: https://csrc.nist.gov/pubs/sp/800/232/final. Accessed: Dec. 14, 2025.
[8] MITRE, “CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition,” 2024. [Online]. Available: https://cwe.mitre.org/data/definitions/367.html. Accessed: Dec. 14, 2025.
[9] E. N. Gilbert, “Capacity of a Burst-Noise Channel,” Bell Syst. Tech. J., vol. 39, no. 5, pp. 1253–1265, 1960.
[10] E. O. Elliott, “Estimates of Error Rates for Codes on Burst-Noise Channels,” Bell Syst. Tech. J., vol. 42, no. 5, pp. 1977–1997, 1963.
[11] S. Khalaj Monfared, M. Saadat Safa, and S. Tajik, “ChipletQuake: On-Die Digital Impedance Sensing for Chiplet and Interposer Verification,” Sensors, vol. 25, no. 15, Art. no. 4861, Aug. 2025, doi: 10.3390/s25154861.
[12] N. Mishra, A. Chakraborty, and D. Mukhopadhyay, “Faults in Our Bus: Novel Bus Fault Attack to Break ARM TrustZone,” in Proc. Network and Distributed System Security Symposium (NDSS), 2024, doi: 10.14722/ndss.2024.24499.
[13] S. Hristozov, M. Wettermann, and M. Huber, “A TOCTOU Attack on DICE Attestation,” in Proc. ACM Conference on Data and Application Security and Privacy (CODASPY), 2022, doi: 10.1145/3508398.3511507.
[14] L. Lamport, Specifying Systems: The TLA+ Language and Tools for Hardware and Software Engineers. Addison-Wesley, 2002.
Additional Files
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Michel Nguyen

This work is licensed under a Creative Commons Attribution 4.0 International License.