In many modern radio architectures, such as Cloud-RAN or Virtualized RAN (vRAN), the baseband units (BBUs) are split from the radio units (RUs). With this approach, the BBUs reside on a centralized cloud server and are connected to the RUs using a high-bandwidth optical transport network. These architectures take advantage of cloud computing resources, offering significant benefits for network planning and deployment. Notwithstanding their benefits, such architectures pose significant security and privacy challenges. In particular, sensitive information transmitted over the network could be misused by the cloud provider responsible for hosting the BBU units. To address the supply chain security requirements, it is desirable to obfuscate the data provided to the BBU units.Motivated by zero-trust principles, we initiate research on secure distributed signal processing architectures, such as Cloud RAN and Open RAN. We evaluate two basic techniques to obfuscate the information transferred to the signal-processing blocks to minimize their ability to observe the information processed with a minimum penalty on the accuracy of the decoded information. Our results indicate that it is feasible to strike a reasonable trade-off between the degree of obfuscation and the symbol error probability. Our techniques can be used to mitigate supply-chain security issues and to realize zero-trust goals for physical layer signal processing pipelines.