1437 Security Properties and Best Practices

This enables: Cyber Security Methods | Zero-Trust Security | Threat Modeling

1437.1 Learning Objectives

By the end of this chapter, you will be able to:

Map Security Properties to Encryption Levels: Understand which E1-E5 level provides each security property
Design Defense-in-Depth Architectures: Combine multiple encryption layers for comprehensive protection
Evaluate Encryption Tradeoffs: Make informed decisions about symmetric vs asymmetric, per-device vs shared keys
Apply Best Practices: Implement comprehensive encryption for real-world IoT deployments

1437.2 Security Properties Achieved

The five-level encryption architecture addresses common IoT security requirements:

%%{init: {'theme': 'base', 'themeVariables': {'primaryColor': '#2C3E50', 'primaryTextColor': '#fff', 'primaryBorderColor': '#16A085', 'lineColor': '#16A085', 'secondaryColor': '#E67E22'}}}%%
graph TB
    subgraph Properties["Security Properties"]
        Access[Access Control<br/>Privacy]
        Auth[Authentication]
        Integrity[Data Integrity]
        Confid[Confidentiality]
        Fresh[Data Freshness]
        NonRep[Non-Repudiation]
    end

    subgraph Mechanisms["Encryption Mechanisms"]
        E1[E1: Link Layer<br/>AES-128 Shared Key]
        E2[E2: Device-Gateway<br/>AES-256 Unique Keys]
        E3[E3: Device-Cloud<br/>End-to-End AES-256]
        E4[E4: Gateway-Cloud<br/>TLS/SSL Certificates]
        E5[E5: Key Renewal<br/>RSA Signatures]
    end

    E1 -->|Provides| Access
    E1 -->|Provides| Confid
    E2 -->|Provides| Auth
    E2 -->|Provides| Integrity
    E2 -->|Provides| Fresh
    E3 -->|Provides| Confid
    E4 -->|Provides| Confid
    E4 -->|Provides| Auth
    E5 -->|Provides| Auth
    E5 -->|Provides| NonRep

    style Properties fill:#E6F2FF,stroke:#2C3E50,stroke-width:2px
    style Mechanisms fill:#D4F4DD,stroke:#16A085,stroke-width:2px

Figure 1437.1: Security properties matrix showing how E1 through E5 encryption levels provide access control, authentication, data integrity, confidentiality, freshness, and non-repudiation

1437.2.1 Access Control (Privacy)

Mechanism: AES-128 at link layer (E1)

Only nodes with shared key can access network routing
Unknown nodes rejected at first hop
Hardware implementation in radio (no MCU interrupt)
Preserves energy by not waking MCU for invalid packets

1437.2.2 Authentication

Mechanism: Private keys (E2, E5)

Each device has unique key pair
Server stores all device public keys
Signature verification proves origin
Prevents spoofing attacks

1437.2.3 Data Integrity

Mechanism: Hash algorithms (E2)

SHA-256 checksums verify content
Detects tampering or corruption
Sequence numbers prevent reordering
Combined with encryption prevents modification

1437.2.4 Data Confidentiality

Mechanism: Multi-layer encryption (E1-E4)

E1: Network-level protection
E2/E3: End-to-end protection
E4: Transport security
Defense in depth approach

1437.2.5 Data Freshness

Mechanism: Sequence numbers and timestamps (E2)

Each packet has unique seed
Prevents replay attacks
Gateway filters duplicate packets
Time-based validity windows

1437.2.6 Non-Repudiation

Mechanism: RSA signatures (E5)

Legal proof of message origin
Cannot deny sending signed message
Important for sensitive sensor data
Regulatory compliance support

Layered Encryption: Defense in Depth

The five-level encryption architecture demonstrates defense in depth—if one layer is compromised, others still provide protection:

E1 fails (shared key leaked): E2 still protects individual device data
E2 fails (device key extracted): E1 prevents network access by unauthorized nodes
E3 fails (cloud encryption broken): E1+E2 protect in-network communications
E4 fails (TLS vulnerability): E1-E3 still encrypt the underlying data

Best practice: Always implement multiple encryption layers. Single-layer encryption is a single point of failure—one compromise exposes everything.

Show code

InlineKnowledgeCheck8 = {
  const question = {
    id: "encrypt_arch_lightweight_crypto_constrained",
    question: "You're designing a wearable health monitor (ARM Cortex-M0+ @ 48 MHz, 32 KB RAM, 256 KB flash, battery: 200 mAh @ 3V for 1 year). It transmits encrypted heart rate data every 5 seconds (17,280 packets/day) via BLE to a smartphone. Standard AES-128-GCM uses 2 mJ per encryption. Lightweight ChaCha20-Poly1305 uses 0.8 mJ per encryption (60% savings) with equivalent security. Which should you choose?",
    options: [
      "Use AES-128-GCM---it's the industry standard supported by all BLE stacks, and hardware acceleration in modern BLE SoCs makes it faster than software-based ChaCha20",
      "Use ChaCha20-Poly1305---it saves 60% energy per packet, extending battery life from 9 months to 15 months (67% improvement), critical for wearables",
      "Use AES-256-GCM---the extra security is essential for sensitive medical data, and the 40% overhead is acceptable for the added protection",
      "Alternate between algorithms based on data criticality---use AES-256 for abnormal heart rate alerts, ChaCha20 for routine readings"
    ],
    correctIndex: 0,
    difficulty: "advanced",
    feedback: {
      correct: "Excellent! AES-128-GCM is the correct choice. Modern BLE SoCs (nRF52, ESP32, CC2640) include **hardware AES accelerators** that reduce encryption from ~180 us (software) to ~15-20 us (hardware) with ~0.3-0.5 mJ energy. With hardware acceleration, AES-128 is actually MORE efficient than software ChaCha20 (0.3 mJ vs 0.8 mJ). **Always check for hardware crypto support before selecting algorithms**.",
      incorrect: "Not quite. The question's energy figures assume software-only implementations. Modern BLE SoCs have hardware AES accelerators that make AES-128-GCM MORE efficient than software ChaCha20. The correct answer is **Option A**. Key principle: hardware-accelerated AES often outperforms software-optimized lightweight ciphers on IoT MCUs."
    }
  };
  return questionModule.createMultipleChoiceWidget(question);
}

1437.3 Encryption Tradeoffs

Tradeoff: Symmetric vs Asymmetric Encryption for IoT

Decision context: When selecting encryption for IoT device communications, data storage, or key exchange mechanisms.

Factor	Symmetric (AES)	Asymmetric (RSA/ECC)
Speed	100-1000x faster	Computationally intensive
Key Management	Pre-shared keys required	Public key can be freely distributed
Memory Footprint	256-512 bytes for AES	2-8 KB for RSA; 512 bytes for ECC
Power Consumption	~10 uJ per operation	~1000 uJ per RSA operation
Forward Secrecy	Not inherent (requires key rotation)	Achievable with ephemeral keys (ECDHE)
Authentication	No inherent identity proof	Digital signatures prove identity

Choose Symmetric Encryption when:

Processing high-volume data on constrained devices (sensors, actuators)
Battery life is critical and encryption frequency is high
Keys can be securely pre-provisioned during manufacturing
Real-time performance is required (sub-millisecond latency)

Choose Asymmetric Encryption when:

Establishing initial secure channels between unknown parties
Key exchange is needed without pre-shared secrets
Digital signatures are required for non-repudiation
Device identity verification or certificate-based authentication is needed

Default recommendation: Use hybrid approach - asymmetric encryption (ECC preferred for IoT) for key exchange and authentication, then symmetric encryption (AES-128/256) for bulk data protection.

Tradeoff: Per-Device Keys vs Shared Network Keys

Decision context: When provisioning encryption keys for an IoT deployment, you must decide between unique keys per device or shared keys across device groups.

Factor	Per-Device Keys	Shared Network Keys
Provisioning Complexity	High (unique key per device)	Low (one key for all devices)
Compromise Blast Radius	One device only	All devices using that key
Key Storage	Scales with device count	Constant regardless of scale
Device Authentication	Implicit (key proves identity)	Requires additional identity mechanism
Key Rotation	Complex (update each device)	Simpler (update once, propagate)
Manufacturing Integration	Requires secure provisioning line	Standard production process
Revocation	Granular (revoke single device)	All-or-nothing

Choose Per-Device Keys when:

Deployment scale exceeds 100 devices (blast radius becomes significant)
Device compromise is realistic (public locations, physical access possible)
Regulatory requirements mandate device-level accountability
Devices have secure elements or TPMs for key protection
Long deployment lifespan (10+ years) where some devices will be compromised

Choose Shared Network Keys when:

Small, controlled deployment (<50 devices in secured facility)
All devices are physically secured against tampering
Rapid deployment is prioritized over security granularity
Budget constraints prevent secure provisioning infrastructure
Prototyping or proof-of-concept before production security

Default recommendation: Always use per-device keys in production deployments. Modern IoT platforms (AWS IoT, Azure IoT Hub) provide automated per-device key provisioning.

Show code

InlineKnowledgeCheck9 = {
  const question = {
    id: "encrypt_arch_hardware_security_module",
    question: "Your industrial control system deploys 1,000 PLCs (programmable logic controllers) in critical infrastructure facilities. Each PLC stores AES-256 encryption keys in external SPI flash memory (unencrypted). An insider with physical access extracts a flash chip, reads its contents with a $50 flash reader, and recovers all encryption keys in 2 minutes. How should you re-architect key storage to prevent this attack?",
    options: [
      "Encrypt the keys stored in flash using a master key derived from the MCU's unique ID---attacker cannot read keys without knowing the derivation algorithm",
      "Store keys in the MCU's internal flash with read protection enabled---prevents external flash readers from accessing keys via SPI",
      "Use a Hardware Security Module (HSM) or Secure Element (ATECC608, TPM 2.0) with private keys stored in tamper-resistant hardware that never exposes keys, only provides encryption operations",
      "Implement key obfuscation by XORing keys with random values stored in a different flash sector---makes simple extraction useless without the XOR mask"
    ],
    correctIndex: 2,
    difficulty: "advanced",
    feedback: {
      correct: "Perfect! HSMs and Secure Elements are the correct solution for high-security key storage. Keys never leave the secure hardware---the HSM performs crypto operations internally. Tamper detection erases keys if physical attack is detected. Common IoT HSM chips: ATECC608 (~$0.50/unit), TPM 2.0, NXP EdgeLock SE050.",
      incorrect: "Not quite. MCU unique ID derivation can be reverse-engineered. Internal flash read protection can be bypassed via voltage glitching or debug exploits. XOR obfuscation is security through obscurity. The correct answer is **Option C: HSM**. Keys never leave tamper-resistant hardware---the only acceptable solution for critical infrastructure."
    }
  };
  return questionModule.createMultipleChoiceWidget(question);
}

1437.4 Common Pitfalls

Common Pitfalls in Encryption Architecture

1. Relying on Link Layer Encryption Alone (E1)

Mistake: Assuming that enabling Zigbee or Wi-Fi encryption (E1) is sufficient
Why it happens: Link layer encryption is “on by default” giving false sense of security
Solution: Implement defense-in-depth with multiple layers. In 2017, KRACK demonstrated WPA2 (E1) vulnerabilities could expose traffic

2. Using Shared Network Keys Across All Devices

Mistake: Deploying the same encryption key to thousands of IoT devices
Why it happens: Per-device keys seem operationally complex
Solution: Implement unique per-device keys with automated provisioning. The 2020 Philips Hue vulnerability showed how a single Zigbee key could unlock entire networks

3. Skipping E5 Key Rotation Due to “Perfect Forward Secrecy”

Mistake: Assuming ECDHE in TLS provides permanent protection without key renewal
Why it happens: PFS protects past sessions if long-term keys are compromised
Solution: Implement scheduled key rotation. Best practice: rotate session keys daily, device identity keys annually

Show code

InlineKnowledgeCheck10 = {
  const question = {
    id: "encrypt_arch_encryption_performance_tradeoff",
    question: "Your fleet of 5,000 battery-powered sensors uses E1 (link layer AES-128) + E4 (gateway-to-cloud TLS). Your security team recommends adding E3 (device-to-cloud AES-256 end-to-end encryption). E3 adds 12 mJ per packet overhead. Over 10 years, this reduces battery life from 10 years to 7 years, requiring mid-life battery replacement costing $250,000. Should you implement E3?",
    options: [
      "No---the $250K battery replacement cost outweighs the theoretical security benefit of E3, especially since E1 + E4 already provides strong protection",
      "Yes---data confidentiality from gateway operators is essential regardless of cost. The 30% battery life reduction is acceptable for end-to-end encryption",
      "Conditional: Perform threat modeling. If gateways are internally managed with access controls, skip E3. If using third-party gateways (cellular carriers, public LoRaWAN), implement E3 despite cost",
      "No---instead implement stronger gateway security (HSMs, audit logging, least-privilege) to protect against insider threats while avoiding battery impact"
    ],
    correctIndex: 2,
    difficulty: "advanced",
    feedback: {
      correct: "Excellent! This is **threat-model-driven security architecture**. If your company owns gateways with proper access controls, E1 + E4 may suffice. If using third-party gateways where you don't control operators, E3 is CRITICAL---you have no visibility into their security practices. **Security decisions must be risk-based, not checkbox-based**.",
      incorrect: "Not quite. The correct answer depends on your threat model. If gateways are internally managed, $250K may not be justified. If using third-party infrastructure, E3 is essential. The correct answer is **Option C: conditional based on threat model**. Security is about matching controls to actual threats."
    }
  };
  return questionModule.createMultipleChoiceWidget(question);
}

Show code

InlineKnowledgeCheck11 = {
  const question = {
    id: "encrypt_arch_common_vulnerability_hardcoded_keys",
    question: "Your development team embeds AES-256 encryption keys directly in the firmware source code as hexadecimal constants. The firmware is deployed to 10,000 devices. A security researcher buys one device, extracts the firmware using a JTAG debugger, and finds the hardcoded key. What is the FULL security impact?",
    options: [
      "Moderate impact---the extracted key only compromises that one device because each device gets a unique firmware binary with device-specific keys",
      "Minimal impact---even with the key extracted, the attacker still needs physical access to each device to intercept encrypted traffic",
      "Catastrophic impact---all 10,000 devices share the same hardcoded key. The attacker can decrypt any device's traffic and create fake devices to inject malicious data",
      "Limited impact---modern firmware uses code obfuscation and ARM TrustZone to prevent key extraction"
    ],
    correctIndex: 2,
    difficulty: "intermediate",
    feedback: {
      correct: "Exactly right! Hardcoded keys in firmware are **catastrophic**. All devices share the same binary, so all 10,000 use the SAME key. Keys are trivially extractable via JTAG, flash readers, or `strings` command. **Correct approach**: 1) Unique keys per device via secure provisioning, 2) Store keys in HSMs/Secure Elements, 3) Never hardcode secrets in source code.",
      incorrect: "Not quite. Manufacturing uses identical firmware images---per-device customization is rare. Once the key is public, anyone can decrypt any device's traffic passively. Obfuscation is security through obscurity. The correct answer is **Option C: Catastrophic impact**. All 10,000 devices are compromised from one extraction."
    }
  };
  return questionModule.createMultipleChoiceWidget(question);
}

Show code

InlineKnowledgeCheck12 = {
  const question = {
    id: "encrypt_arch_end_to_end_architecture_design",
    question: "You're architecting security for a smart city deployment with 20,000 streetlight sensors. Data flows: Sensor -> LoRaWAN Gateway -> City Network -> Cloud Analytics. City IT security policy mandates: (1) Data encrypted end-to-end, (2) Gateway operators cannot read sensor payloads, (3) Cloud platform must verify data authenticity, (4) 10-year device lifetime without maintenance. Which encryption architecture satisfies ALL requirements?",
    options: [
      "E1 (LoRaWAN AES-128) + E4 (Gateway-to-Cloud TLS 1.3)---provides encryption at wireless link and internet transport layers",
      "E2 (Sensor-to-Gateway AES-256) + E4 (Gateway-to-Cloud TLS 1.3)---unique per-device keys prevent gateway from reading payloads",
      "E1 (LoRaWAN AES-128) + E3 (Sensor-to-Cloud AES-256) + E4 (Gateway-to-Cloud TLS 1.3) + E5 (Annual ECC-based Key Rotation)---multi-layer defense with key renewal",
      "E3 (Sensor-to-Cloud AES-256 only)---bypass all intermediaries with end-to-end encryption, simplifying architecture"
    ],
    correctIndex: 2,
    difficulty: "advanced",
    feedback: {
      correct: "Perfect architectural design! **Option C** satisfies all four requirements: E3 provides true E2E (gateway cannot decrypt), E1 protects local wireless, E4 secures internet transit, and E5 enables annual key rotation for the 10-year lifecycle. This is **defense-in-depth at its finest**.",
      incorrect: "Not quite. E1 + E4 fails requirement 2 (gateways can decrypt). E2 + E4 fails because E2 terminates at gateway. E3 only fails requirement 1 (local wireless unprotected). The correct answer is **Option C: E1+E3+E4+E5**---comprehensive multi-layer protection."
    }
  };
  return questionModule.createMultipleChoiceWidget(question);
}

1437.5 Worked Example: Smart Home Hub Security Architecture

1437.6 Worked Example: Designing Encryption for a Smart Home Hub

Scenario: You are designing the security architecture for a smart home hub that connects to 50+ devices: smart locks, cameras, thermostats, and sensors. The hub has a Cortex-M4 processor (168 MHz, 256 KB RAM, 1 MB flash), runs on mains power, and connects to a cloud platform via Wi-Fi.

Goal: Design a multi-layer encryption architecture (E1-E5) that protects different data types appropriately.

Data classification:

Data Type	Sensitivity	Confidentiality	Integrity	Availability
Lock commands	Critical	High	Critical	High
Camera video	High	High	Medium	Medium
Temperature readings	Low	Low	Medium	Low
Device state (on/off)	Medium	Medium	Medium	High
User credentials	Critical	Critical	Critical	Medium
Firmware images	High	Medium	Critical	Low

Threat model:

Threat	Attack Vector	Impact	Likelihood
Eavesdropping	Sniff Wi-Fi/Zigbee	Privacy breach, lock codes exposed	High
Replay attack	Capture and replay lock command	Unauthorized entry	Medium
Man-in-middle	Intercept cloud connection	Command injection	Medium
Key extraction	Physical access to hub	Full system compromise	Low

Layer assignments:

Layer	Implementation	Protects	Algorithms
E1 (Link)	Zigbee network key	Local device-to-hub	AES-128-CCM (Zigbee 3.0)
E2 (Device-Hub)	Per-device keys	Individual device secrets	AES-128-GCM + sequence numbers
E3 (Device-Cloud)	Not used	-	Hub terminates all connections
E4 (Hub-Cloud)	TLS 1.3	Cloud communication	ECDHE-P256 + AES-128-GCM
E5 (Key Renewal)	Certificate-based	Long-term security	ECDSA-P256, 90-day rotation

Why E3 is skipped: The hub acts as a trusted gateway. End-to-end encryption from sensors to cloud would require more capable sensors and prevent local automation.

Computational budget analysis:

Operation	Time (Cortex-M4)	Per-Second Capacity
AES-128-GCM (128 bytes)	0.15 ms	6,600 blocks
ECDSA-P256 verify	25 ms	40 signatures
ECDHE key exchange	50 ms	20 key agreements
SHA-256 (1 KB)	0.5 ms	2,000 hashes

Optimization decisions:

Challenge	Solution	Impact
TLS handshake latency	Session resumption (PSK)	50ms to 5ms for repeat connections
Camera video encryption	AES-CTR (parallelizable)	30% faster than GCM for video
Battery device overhead	Integrity-only option	50% less computation for sensors

Lock command security (defense in depth):

# Lock command structure (48 bytes total)
lock_command = {
    "device_id": "lock-001",      # 12 bytes
    "action": "unlock",            # 1 byte
    "sequence": 847291,            # 4 bytes (monotonic)
    "timestamp": 1704825600,       # 4 bytes (Unix time)
    "nonce": "a7b9c2d4e5f6",       # 12 bytes (from challenge)
    "user_id": "user-42",          # 8 bytes
    "hmac": "..."                  # 16 bytes (AES-CMAC)
}

def validate_lock_command(cmd, expected_nonce, last_seq):
    # Check sequence number (replay)
    if cmd.sequence <= last_seq:
        raise ReplayError("Sequence too old")

    # Check timestamp (stale command)
    if abs(time.now() - cmd.timestamp) > 2:
        raise StaleError("Command expired")

    # Check nonce (man-in-middle)
    if cmd.nonce != expected_nonce:
        raise AuthError("Invalid challenge response")

    # Verify HMAC (integrity + authentication)
    if not verify_hmac(cmd, device_key):
        raise AuthError("HMAC verification failed")

    return True

Key hierarchy:

Master Key (in secure element)
+-- Hub Identity Key (ECDSA-P256, permanent)
|   +-- Used for: Device attestation, cloud authentication
+-- Cloud Session Keys (AES-128, derived per connection)
|   +-- Used for: TLS 1.3 traffic protection
+-- Device Group Keys (AES-128, per device type)
|   +-- Used for: Broadcast commands to all locks, all lights
+-- Per-Device Keys (AES-128, unique per device)
    +-- Used for: Individual device commands and responses

Rotation schedule:

Key Type	Rotation Period	Trigger
Cloud TLS session	1 hour	Time-based
Device session keys	24 hours	Time-based
Hub identity certificate	2 years	Certificate expiry
Compromised device key	Immediate	Manual revocation

Key decisions made and why:

Decision	Choice	Rationale
E3 (end-to-end)	Not implemented	Hub acts as trusted gateway; avoids sensor complexity
Cipher suite	AES-128-GCM	Hardware acceleration available, 128-bit sufficient
Lock protection	Sequence + timestamp + nonce	Triple defense against replay
Key storage	Secure element for master	Hardware protection prevents extraction

Quantified security posture:

Eavesdropping protection: All sensitive data encrypted (E1 + E2 + E4)
Replay attack window: 2 seconds maximum for lock commands
Key extraction difficulty: Secure element requires $10K+ attack
Firmware integrity: ECDSA signature verification on all updates
Computational overhead: < 5% CPU for typical traffic

1437.7 Summary

This chapter covered security properties and best practices:

Six Security Properties: Access control, authentication, data integrity, confidentiality, freshness, and non-repudiation each mapped to specific encryption levels (E1-E5)
Defense in Depth: Multiple encryption layers ensure that compromise of any single layer doesn’t expose the entire system
Symmetric vs Asymmetric: Use hybrid approach—asymmetric for key exchange, symmetric for bulk data
Per-Device vs Shared Keys: Always use per-device keys in production to limit blast radius of compromise
Threat-Model-Driven: Security decisions should be based on actual threat landscape, not checkboxes

1437.8 Knowledge Check

Answer the questions below. Each explanation targets a common misconception.

Question 1: At which layer does TLS/SSL primarily provide encryption?

TLS sits between applications and transport (e.g., TCP), securing the transport channel. Application payload formats are still an application concern, but TLS provides the encrypted tunnel.

Question 2: What distinguishes end-to-end encryption from hop-by-hop transport encryption?

With end-to-end encryption, only the communicating endpoints can decrypt the data; gateways, brokers, and proxies can forward traffic but can’t read the protected payload.

Question 3: If you don’t trust the gateway operator and want the payload to stay confidential end-to-end, which level best matches that goal?

E3 is the “untrusted gateway” case: the device encrypts to the cloud (or cloud key material), so the gateway can route traffic but cannot decrypt the application payload.

1437.9 What’s Next

You have completed the Encryption Architecture series. Continue your security journey with:

Cyber Security Methods: Learn how encryption enables identity verification and access control in IoT ecosystems
IoT Devices and Network Security: Apply encryption within broader IoT security strategies including secure boot and firmware updates
Threat Modeling and Mitigation: Assess which encryption levels (E1-E5) are necessary for your specific threat landscape
Zero-Trust Security: Modern security architecture that assumes no trusted zones

Related Chapters

Encryption Architecture Overview - Five-layer framework summary
E1: Link Layer Encryption - Foundation of IoT encryption
E5: Key Renewal - Long-term key management
Encryption Principles - Cryptographic fundamentals

1437.10 Visual Reference Gallery

AI-Generated Visual: AES Encryption Process

Figure 1437.2: AES Encryption Process - Block cipher transformations for IoT data protection

AI-Generated Visual: Asymmetric Encryption Architecture

Figure 1437.3: Asymmetric Encryption - Public/private key cryptography for IoT

AI-Generated Visual: DTLS Handshake Protocol

Figure 1437.4: DTLS Handshake - Secure datagram transport for constrained IoT devices

1437.11 Alternative Source Figures

Academic Resource: Edinburgh IoT Security - Symmetric Encryption Model

Diagram showing symmetric encryption flow where sender transmits plaintext through encryption algorithm using encryption key to produce ciphertext, which travels over channel where interceptor can observe but not decrypt — Symmetric encryption process showing sender, encryption algorithm, ciphertext transmission with interceptor threat, decryption algorithm, and receiver

Source: University of Edinburgh - IoT Systems Security Course

Academic Resource: Edinburgh IoT Security - Asymmetric (Public Key) Encryption

Public key encryption diagram showing sender encrypting unencrypted message with receiver's public key to produce encrypted ciphertext, transmission over network, then receiver using their private key to decrypt — Asymmetric encryption using public and private key pairs

Source: University of Edinburgh - IoT Systems Security Course

Original Source Figure: Complete Security Scheme (Alternative View)

Complete five-level IoT encryption architecture showing E1 link layer, E2 device-to-gateway, E3 device-to-cloud, E4 gateway-to-cloud TLS, and E5 asymmetric key renewal working together for defense-in-depth protection — Complete IoT security scheme

Source: CP IoT System Design Guide, Chapter 6 - Security and Privacy