Sounds like an interesting project.

The communication between nodes in NDB is handled by
transporters. You will find the common code for
transporters in storage/ndb/src/common/transporter.

There is also specific code for the NDB API in
storage/ndb/src/ndbapi and there is specific code for
the NDB data nodes in storage/ndb/src/kernel/vm.

The communication between 2 nodes in NDB is always
handled through one socket. There is a setup phase
that uses a text-based protocol, this part is half-duplex.

After this text-based protocol setup we use a full-duplex
protocol where we send signals.

Signals have a specific format that always starts with
3 words of 4 bytes.

There are two ways I would say to achieve your goal.
1) Convert transporters to use SSL
2) Convert the low-level protocol to include encryption bit in header

I have built a hobby project in C that uses SSL for the connections.
But this was using new code, so I haven't tried changing the NDB
code to use SSL transporters. But I am sure it should be very doable.

The second approach is to convert the signals to encrypted signals just
before sending and decrypt them when receiving the signals.

The receive part would then be handled in
storage/ndb/src/common/transporter/Packer.cpp in unpack_one.

The send part is in storage/ndb/src/commmon/transporter/TransporterRegistry.cpp
in the method prepareSendTemplate.