2  Cryptography & Encryption

Route Map for IoT Confidentiality, Integrity, Identity, Freshness, Key Lifecycle, and Release Evidence

In 60 Seconds

This book is the cryptography and encryption route map for IoT systems. Use it to decide what security property you need, where the plaintext boundary sits, which primitive or protocol fits that boundary, how keys are provisioned and rotated, and what negative tests prove the claim before release.

Learning Objectives

By the end of this index, you will be able to:

• choose a learning path through confidentiality, integrity, identity, freshness, and key lifecycle topics;
• route an IoT security claim to the right chapter group without confusing link, transport, object, and key-renewal layers;
• identify which chapters provide implementation practice and which chapters provide release-review evidence;
• assemble a lightweight evidence checklist for cryptography decisions before reading the detailed chapters.

2.1 How to Use This Book

Cryptography fails most often at the boundary around the primitive: the wrong data is protected, the wrong endpoint is trusted, a key outlives its purpose, or evidence proves only the happy path. This book is organized to keep those decisions visible.

Figure 1: Use the route map to move from a security claim to the chapter group that proves it.

Start

New to the topic

1. Encryption Principles & Crypto Basics
2. Security Properties & Practices
3. Encryption Architecture and Levels

Build

Protect device data

1. Symmetric Encryption for IoT
2. E1 Link Layer Encryption
3. E2 Device-to-Gateway Encryption

Trust

Prove identity and origin

1. Public Key Cryptography
2. Elliptic Curve Cryptography
3. Hash Functions and Data Integrity

Operate

Manage keys over time

1. Key Management for IoT Devices
2. E5 Key Renewal and Asymmetric Trust
3. TLS and DTLS for IoT

2.2 Route by Question

Start with the claim you need to make. Then read the chapters that force the boundary, keys, and evidence to match that claim.

Question

Read First

Evidence You Should Produce

What property is required?

Security Properties & Practices and Encryption Principles

Confidentiality, integrity, identity, freshness, and accountability claims with the data owner named.

Where does plaintext appear?

Architecture and Levels, E3-E4 Transport Encryption, and TLS/DTLS

Plaintext-owner map, gateway or proxy termination decision, and logs/support bundle redaction checks.

Which primitive fits?

Symmetric Encryption, Public Key Cryptography, ECC, and Hash Functions

Primitive role, mode, nonce or context policy, peer validation, and tamper or wrong-peer rejection tests.

How are keys controlled?

Key Management and E5 Key Renewal

Provisioning boundary, protected storage, per-device scope, rotation, revocation, and old-key rejection evidence.

How do we validate release readiness?

Review Checks & Scenarios, Encryption Review Quiz, and Labs, Quiz, and Review

Negative tests, sanitized captures, secret redaction, lifecycle decisions, and exceptions that name owner and expiry.

2.3 Chapter Groups

2.3.1 Cryptography Foundations

These chapters define the vocabulary and decision model used throughout the book.

• Encryption Principles & Crypto Basics - primitive roles, boundary selection, and release evidence.
• Cryptography for IoT - algorithm choices, key boundaries, and implementation evidence.
• Security Properties & Practices - confidentiality, integrity, identity, freshness, accountability, and lifecycle claims.
• Encryption: Architecture and Levels - E1-E5 placement, plaintext ownership, and trust boundaries.

2.3.2 Symmetric Protection and Local Boundaries

These chapters help you protect traffic and frames after the key scope is known.

• Symmetric Encryption for IoT - AEAD modes, nonces, associated data, and tamper tests.
• E1 Link Layer Encryption - hop-by-hop wireless protection and shared-key blast radius.
• E2: Device-to-Gateway Encryption - gateway trust, per-device keys, replay protection, and evidence.

2.3.3 Identity, Hashing, and Key Lifecycle

These chapters focus on endpoint identity, signatures, digests, KDFs, and key operations.

• Public Key Cryptography - key agreement, signatures, certificates, and role separation.
• Elliptic Curve Cryptography for IoT - curve choice, validation, key agreement, signatures, and evidence.
• Hash Functions and Data Integrity - digests, HMAC, KDF context, password storage, and evidence.
• Key Management for IoT Devices - generation, provisioning, storage, derivation, rotation, and revocation.
• E5 Key Renewal and Asymmetric Trust - authenticated key establishment, overlap windows, and rollback prevention.

2.3.4 Transport, Firmware, and Communication Boundaries

These chapters connect cryptography decisions to deployed communication paths.

• Secure Comms & Firmware - protocol boundaries, update trust, and operational evidence.
• TLS and DTLS for IoT - transport identity, record protection, replay handling, and evidence.
• E3-E4: Transport Encryption - opaque payloads, TLS/DTLS sessions, and payload protection decisions.

2.3.5 Practice, Review, and Tools

Use these chapters after the concept chapters to test whether a decision is release-ready.

• Review: Symmetric vs Asymmetric - traffic protection, key establishment, and evidence gates.
• Review: Multi-Layer (E1-E5) - layer fit, plaintext boundary, and architecture evidence.
• Review: Checks & Scenarios - scenario review, negative tests, and release decisions.
• Encryption Review Quiz - comprehensive release-gate assessment.
• Encryption Labs and Practice - hands-on packet, boundary, and evidence labs.
• Encryption Labs, Quiz, and Review - capstone practice for layered encryption decisions.
• Interactive Cryptography Tools - visualizers, decision aids, and safe practice.
• Cipher Challenge Game - practice ciphers, attack thinking, and safe choices.

2.4 Evidence Loop

Every chapter in this book points back to the same release-review loop: name the claim, place the boundary, choose the primitive or protocol, prove key lifecycle, run negative tests, and keep evidence without leaking secrets.

Figure 2: A cryptography decision is not complete until the negative tests and redacted evidence match the claim.

1. ClaimName the required property and the data or command it protects.

2. BoundaryMark where plaintext appears and which component owns it.

3. PrimitiveSelect AEAD, HMAC, KDF, signature, key agreement, TLS, or DTLS for that boundary.

4. LifecycleDocument provisioning, storage, rotation, revocation, and old-key rejection.

5. Negative testsReject wrong peer, tampered record, reused nonce, replay, downgrade, and expired credential cases.

6. EvidenceKeep sanitized captures and logs without raw secrets or sensitive plaintext.

2.5 Start by Role

Architect

Choose the protection layer

Read architecture, E1, E2, E3-E4, TLS/DTLS, and key management. Produce a plaintext-owner map and exception register.

Firmware

Use primitives safely

Read symmetric encryption, hash functions, ECC, labs, and tools. Prove nonce policy, tamper rejection, key storage, and secret redaction.

Backend

Validate peers and messages

Read public key cryptography, TLS/DTLS, secure communications, and review scenarios. Prove wrong-peer, downgrade, replay, and stale-key failures.

Reviewer

Approve release claims

Read review chapters, labs review, and the quiz. Check evidence coverage, lifecycle decisions, and whether any claim exceeds the protected boundary.

2.6 Release Evidence Checklist

Use this before moving from chapter learning to production design.

Boundary

Plaintext is mapped

• Data owner named
• Gateway and proxy termination marked
• Logs and support bundles redacted

Primitive

Role is correct

• AEAD protects records
• HMAC or signature proves origin where needed
• KDF context separates purposes

Keys

Lifecycle is controlled

• Per-device or role scope documented
• Rotation and revocation tested
• Old credentials rejected

Tests

Failures fail closed

• Wrong peer rejected
• Tamper and replay rejected
• No cleartext fallback path

2.7 Practice: Route the Cryptography Decision

Use these checks to practice the index-level decision process before moving into the chapter details.

Check 1: Pick the First Chapter

Check 2: Match Property to Evidence

Check 3: Key Lifecycle

Check 4: Transport Claim

Label the Route Map

Code Challenge: Choose a Review Route

Order a Cryptography Review

Match Chapter Group to Evidence

2.8 Common Pitfalls

Starting with an Algorithm Name

An algorithm name is not a release claim. Start with the property, boundary, key scope, and failure behavior, then select the primitive or protocol.

Claiming End-to-End Protection After a Gateway Decrypts

Transport protection ends where the session terminates. If the gateway reads plaintext, the claim must say so or add object-level payload protection.

Treating Key Rotation as Documentation Only

Rotation is not complete until old credentials fail, rollback is handled, and devices can recover without leaking secrets.

Saving Evidence That Exposes Secrets

Evidence should prove behavior without storing raw keys, PSKs, session secrets, or sensitive plaintext in reports, logs, screenshots, or support bundles.

2.9 References

• NIST SP 800-57 Part 1 Rev. 5: Recommendation for Key Management
• NIST SP 800-56A Rev. 3: Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography
• NIST SP 800-38D: Galois/Counter Mode for Block Ciphers
• FIPS 197: Advanced Encryption Standard (AES)
• RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3
• RFC 9147: The Datagram Transport Layer Security (DTLS) Protocol Version 1.3
• RFC 5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)

2.10 What’s Next

Begin with Encryption Principles & Crypto Basics if you are new to the book. If you are reviewing a live design, start with Encryption: Architecture and Levels, then move to the primitive, transport, and key-lifecycle chapters that match the claim.