6 Encryption: Architecture and Levels

Prerequisites: Security and Privacy Overview | Encryption Principles and Crypto Basics

This enables: Cyber Security Methods | IoT Devices and Network Security

6.1 Learning Objectives

By the end of this chapter series, you will be able to:

Design Multi-Layer Encryption: Implement IoT encryption strategies across E1-E5 levels (device to cloud)
Select Encryption Protocols: Choose appropriate encryption for link layer, transport layer, and application layer
Implement End-to-End Security: Design systems where data remains encrypted throughout the entire data path
Configure TLS/DTLS: Deploy transport security for constrained IoT devices with appropriate cipher suites
Apply Key Hierarchy: Design key management architectures using master keys, session keys, and device keys
Optimize for Constraints: Balance security strength with computational and power limitations of IoT devices

In 60 Seconds

IoT encryption is organized into five architectural levels (E1–E5) from physical link encryption to cloud-tier key management, each addressing different threat models and performance tradeoffs.

MVU: Minimum Viable Understanding

If you only have 5 minutes, here’s what you need to know about IoT encryption architecture:

Five layers, not one - IoT encryption uses E1-E5 layers working together: link (E1), device-gateway (E2), device-cloud (E3), gateway-cloud (E4), and key renewal (E5)
Defense in depth - If one layer is compromised, others continue protecting your data
Different keys for different scopes - Shared network keys for E1, per-device keys for E2/E3, TLS certificates for E4
TLS/DTLS is not enough - Transport security alone doesn’t protect data from compromised gateways; you need E3 end-to-end encryption

Bottom line: Never rely on a single encryption layer. Design IoT systems with at least E1 (link) + E2 (device) + E4 (transport), and add E3 (end-to-end) when gateways cannot be fully trusted. Rotate keys periodically (E5) to limit damage from key compromise.

For Beginners: Encryption Architecture and Levels

What is Encryption Architecture? Encryption architecture describes how IoT systems protect data by applying encryption at multiple layers as information travels from devices through networks to cloud services. Instead of relying on a single encryption method, a layered approach ensures that even if one security layer is compromised, others continue protecting your data—similar to securing a package with multiple locked boxes.

Why does it matter? A single encryption layer creates a single point of failure. Multi-layer encryption (E1-E5) provides defense-in-depth: E1 protects device-to-device communications at the link layer, E2 secures device-to-gateway connections, E3 enables end-to-end encryption even through untrusted intermediaries, E4 protects gateway-to-cloud communications with industry-standard TLS, and E5 handles periodic key renewal using asymmetric cryptography. This architecture ensures compromising one layer doesn’t expose the entire system.

Key terms:

Term	Definition
E1 (Link Layer)	Encryption between devices on the same network (e.g., AES-128 on Zigbee) using shared keys
E2 (Device-to-Gateway)	Application-layer encryption with unique per-device keys ensuring intermediate nodes can’t read data
E3 (Device-to-Cloud)	Direct encryption from device to cloud allowing use of untrusted gateways
E4 (Gateway-to-Cloud)	Industry-standard TLS/DTLS securing internet communications like online banking
E5 (Key Renewal)	Periodic refresh of symmetric keys using RSA/ECC public-key cryptography for long-term security
Defense in Depth	Security strategy using multiple independent layers so breach of one doesn’t compromise all

6.2 Chapter Overview

Interactive: E1-E5 Multi-Layer Encryption

IoT systems require multi-layered encryption strategies to protect data as it flows from devices through gateways to cloud services. This chapter series defines five encryption levels (E1-E5) that work together to create a complete security scheme.

The following diagram illustrates how data travels through multiple encryption layers, each providing protection at a different scope:

Flowchart showing data flow from IoT device through E1 link layer encryption using AES-128 shared key, then E2 device-gateway encryption with per-device key and nonce, passing through gateway for aggregation and routing, then E4 transport layer protection using TLS/DTLS certificates, finally reaching cloud platform for data processing and storage. Each layer is color-coded: navy for device and cloud, teal for E1 and E4, orange for E2, and gray for gateway. — IoT encryption architecture showing five layers (E1-E5) protecting data from device to cloud

6.3 Alternative View: Stacked Encryption Layers

Diagram showing five stacked encryption layers E1 through E5: E1 link layer at bottom using AES-128 shared keys, E2 device-to-gateway layer with per-device keys, E3 device-to-cloud end-to-end encryption, E4 gateway-to-cloud TLS/DTLS transport security, and E5 key renewal using asymmetric cryptography at top. Arrows show data protection scope expanding from local hop to full end-to-end coverage. — Five-layer encryption architecture E1 through E5 providing defense-in-depth protection for IoT data

6.3.1 The Five Encryption Levels (E1-E5)

Level	Name	Protects	Typical Mechanism	Analogy
E1	Link Layer	Local wireless hop confidentiality/integrity	Link-layer AEAD (e.g., AES-CCM/CCM*)	Locked box (local hop)
E2	Device-Gateway	Per-device confidentiality + integrity + replay protection	Per-device keys + AEAD + nonces	Sealed envelope addressed to gateway
E3	Device-Cloud (End-to-End)	Payload confidentiality through untrusted intermediaries	End-to-end payload encryption	Locked safe inside delivery truck
E4	Gateway-Cloud (Transport)	Secure transport across the internet	TLS/DTLS with certificates	Armored truck on highway
E5	Key Renewal	Key freshness, revocation, and blast-radius reduction	PKI + provisioning + rotation	Changing locks on schedule

The following diagram illustrates which threats each encryption layer protects against:

Quadrant diagram showing four threat categories and which encryption layers protect against each. Eavesdropping threats are covered by E1 E2 E3 E4. Replay attacks are protected by E2 with nonces. Compromised gateway threats are mitigated by E3 end-to-end encryption. Key compromise damage is limited by E5 key rotation. Each quadrant uses IEEE colors with navy for headers, teal for protection indicators, and orange for threat labels. — Encryption layers mapped to threats they protect against

Sensor Squad: Sammy’s Secret Message Adventure!

Hey there, young engineer! Let’s learn about encryption layers with the Sensor Squad!

Sammy the Sensor wants to send a secret message to the Cloud Castle, but there are sneaky spies trying to read it along the way!

The Five-Lock Protection System:

Sammy and friends use FIVE different locks to keep the message safe:

Lock #1 (E1) - The Neighborhood Lock: Sammy puts the message in a box and locks it with a key that all the neighbors share. This keeps strangers on the street from reading it!
Lock #2 (E2) - Sammy’s Personal Lock: Inside that box, Sammy puts ANOTHER locked box that only Sammy and the Gateway Guard can open. Even nosy neighbors can’t peek!
Lock #3 (E3) - The Cloud Castle Lock: For super-secret messages, Sammy adds a THIRD lock that only the Cloud Castle can open. Even the Gateway Guard can’t read it!
Lock #4 (E4) - The Highway Guard Lock: When the message travels on the big internet highway, it gets wrapped in a super-strong armored truck (that’s TLS!).
Lock #5 (E5) - Changing the Locks: Every so often, everyone gets NEW keys so old stolen keys won’t work anymore!

Why So Many Locks?

Lila the Light Bulb explains: “If a bad guy steals ONE key, they still can’t read your message because it has OTHER locks they don’t have keys for! It’s like a treasure chest inside a safe inside a vault!”

Sensor Squad Memory Trick:

E1 = Everyone in the neighborhood shares this key
E2 = Each device has its own special key
E3 = End-to-end means only the START and END can read it
E4 = Express highway protection (TLS)
E5 = Exchange old keys for new ones regularly

Fun Fact: Real IoT devices use math puzzles called AES-128 that are so hard, even the fastest supercomputer would take billions of years to solve without the key!

6.4 Chapter Organization

This topic has been organized into focused chapters for better learning:

6.4.1 E1: Link Layer Encryption

Learn how device-to-device encryption protects local wireless communications using AES-128 with shared network keys. Covers:

E1 implementation details and AES-CCM
Shared key vulnerability and mitigations
Performance on IoT platforms
Common misconceptions about link-layer security

6.4.2 E2: Device-to-Gateway Encryption

Explore per-device keys that ensure authenticity and prevent intermediate nodes from reading data. Covers:

E2 packet structure with sequence numbers and checksums
Replay attack protection mechanisms
RSA vs ECC tradeoffs for key exchange
Pre-shared keys vs certificate-based authentication

6.4.3 E3-E4: Transport and End-to-End Encryption

Understand device-to-cloud direct encryption (E3) and gateway-to-cloud TLS (E4). Covers:

E3 for untrusted gateway scenarios
TLS 1.3 configuration for IoT gateways
Cipher suite selection and session resumption
Common pitfalls in secure communication

6.4.4 E5: Key Renewal and Asymmetric Cryptography

Master periodic key refresh using asymmetric encryption for long-term security. Covers:

RSA/ECC for secure key distribution
Key rotation strategies and schedules
TLS handshake performance analysis (worked example)
Hash collision probability calculator

6.4.5 Security Properties and Best Practices

Apply defense-in-depth strategies and avoid common pitfalls. Covers:

Security properties achieved by each layer
Symmetric vs asymmetric tradeoffs
Per-device keys vs shared network keys
Comprehensive worked example: Smart home hub security

How It Works: Multi-Layer Encryption in Action

Understanding how the five encryption layers work together is critical for IoT security. Each layer operates independently but coordinates to provide comprehensive protection.

Step-by-step process for a sensor reading traveling to the cloud:

Device encrypts at E2 level: Sensor encrypts reading with its unique per-device key + sequence number
E1 adds link protection: Zigbee/802.15.4 wraps E2 packet with shared network encryption
Gateway validates E2: Gateway verifies sequence number (replay protection), strips E1, forwards E2 payload
E4 transport layer: Gateway wraps forwarded data in TLS tunnel to cloud
Cloud decrypts E2: Cloud uses device’s unique key to decrypt original sensor reading
E5 periodically refreshes: Every 90 days, cloud sends new E2 key encrypted with device’s RSA/ECC public key

Key observation: Data remains encrypted through every hop. Even if E1 is compromised (shared network key leaked), the E2 payload remains protected. Even if the gateway is compromised, E3-encrypted portions remain secure.

6.5 Key Insight

Defense in Depth

IoT encryption architecture uses five complementary layers (E1-E5) to create defense in depth: E1 protects local wireless hops, E2 secures device-to-gateway communication with unique per-device keys, E3 provides true end-to-end encryption through untrusted intermediaries, E4 uses industry-standard TLS/DTLS for internet transport, and E5 handles ongoing key renewal.

A single encryption layer is a single point of failure. By layering multiple encryption mechanisms, you ensure that compromise of any one layer still leaves others protecting your data, and you gain flexibility to use lightweight crypto where needed while maintaining strong protection for sensitive payloads throughout the entire data path.

6.6 Knowledge Check

Quiz: Encryption Architecture and Levels

Worked Example: Smart Factory Multi-Layer Encryption Design

Scenario: Manufacturing plant deploys 500 industrial sensors (temperature, pressure, vibration) connected via Zigbee to 10 gateways, which communicate with cloud analytics platform.

Security Requirements:

Confidentiality: Sensor data contains proprietary process parameters
Integrity: Tampered readings could damage equipment worth $2M
Availability: 99.9% uptime requirement
Compliance: ISO 27001, IEC 62443 industrial security standards

Threat Model:

Threat	Attack Vector	Impact	Likelihood
Industrial espionage	Wireless sniffing of Zigbee traffic	High	Medium
Malicious insider	Gateway compromise	Critical	Low
Supply chain attack	Compromised firmware in sensors	Critical	Low
Replay attack	Re-send old commands to equipment	Critical	Medium

Multi-Layer Encryption Design:

E1: Link Layer (Zigbee Network)

Algorithm: AES-128-CCM
Key: Shared Zigbee network key (rotated quarterly)
Purpose: Protect wireless hop from sensor to gateway
Implementation: Built into Zigbee protocol stack

Effectiveness against threats:
 Wireless sniffing: Encrypted RF prevents eavesdropping
 Gateway compromise: Gateway has network key
 Supply chain: Link layer can't detect malicious firmware
 Replay: No sequence number at link layer

E2: Application Layer (Per-Device Keys)

Algorithm: AES-128-GCM with sequence numbers
Key: Unique per-sensor key (500 keys total)
Nonce: Monotonic counter, reject duplicates
Purpose: Prevent gateway from reading sensor data, detect replays

// E2 Packet Structure
struct E2Packet {
  uint32_t deviceId;          // 4 bytes
  uint32_t sequenceNumber;    // 4 bytes (prevents replay)
  uint8_t encryptedPayload[32]; // Sensor reading + timestamp
  uint8_t authTag[16];        // GCM authentication tag
}; // Total: 56 bytes

Effectiveness against threats:
 Wireless sniffing: E1 already covered
 Gateway compromise: Gateway can't decrypt sensor data
 Supply chain: Malicious firmware has device key
 Replay: Sequence numbers prevent replay attacks

E3: End-to-End (Device-to-Cloud)

Algorithm: ChaCha20-Poly1305
Key: Per-device key provisioned at manufacturing
Purpose: Data remains encrypted through untrusted gateway

Effectiveness against threats:
 Wireless sniffing: E1 already covered
 Gateway compromise: Gateway only forwards encrypted blobs
 Supply chain: Cloud verifies device certificates before accepting data
 Replay: E2 sequence numbers still enforced

E4: Transport Layer (Gateway-to-Cloud)

Protocol: TLS 1.3 with mutual authentication
Cipher: TLS_AES_128_GCM_SHA256
Certificates: X.509 certificates for both gateway and cloud

Effectiveness against threats:
 Man-in-the-middle: TLS prevents MITM on internet
 Gateway spoofing: Mutual auth requires valid certificate

E5: Key Rotation

E1 keys: Rotated every 90 days via Zigbee out-of-band commissioning
E2/E3 keys: Rotated annually using ECDH key exchange
E4 certificates: 2-year validity, automated renewal via ACME protocol

Performance Analysis:

Metric	E1 Only	E1+E2	E1+E2+E3	E1+E2+E3+E4
Encryption time (ms)	0.5	0.8	1.2	1.3
Message size (bytes)	32	56	58	58
Power per message (mJ)	0.8	1.1	1.5	1.6
Security level	Low	Medium	High	Very High

Cost-Benefit Analysis:

Security Layer	Implementation Cost	Annual Maintenance	Breach Prevention
E1 only	$0 (built-in)	$0	Stops casual eavesdropping
+E2	$50,000	$10,000	Stops gateway compromise
+E3	$30,000	$5,000	Stops man-in-the-middle
+E4	$80,000	$20,000	Meets ISO 27001
+E5	$40,000	$15,000	Limits key compromise damage
Total	$200,000	$50,000	Prevents $2M+ breach

Decision: Implement E1+E2+E3+E4+E5 full stack. Manufacturing process data is worth $2M if stolen. Investment ($200K + $50K annual) provides 10x ROI even if breach probability is only 10% over 5 years.

Key Insights:

E1 alone is insufficient—gateway is single point of failure
E2 prevents replay attacks through sequence numbers
E3 enables use of untrusted gateways (future cloud migration)
E4 meets compliance requirements
E5 limits damage from inevitable key compromise

Decision Framework: How Many Encryption Layers Does Your IoT System Need?

Use this decision tree to determine appropriate encryption architecture:

START: Assess your system characteristics

Q1: Is your gateway fully trusted?
--- YES -> Do sensors communicate over wireless?
|  --- YES -> E1 (link layer) + E4 (transport)
|  --- NO -> E4 (transport) only
|
--- NO -> Gateway is untrusted or cloud-hosted
   --- REQUIRED: E1 + E2 + E3 + E4

Q2: Do you have regulatory requirements?
--- Medical (FDA) -> E1 + E2 + E4 + E5
--- Industrial (IEC 62443) -> E1 + E2 + E4 + E5
--- Financial (PCI-DSS) -> E1 + E2 + E3 + E4 + E5
--- Consumer -> E1 + E4 (minimum)

Q3: What is the value of your data?
--- Low (<$10K breach cost) -> E1 + E4
--- Medium ($10K-$100K) -> E1 + E2 + E4
--- High ($100K-$1M) -> E1 + E2 + E3 + E4 + E5
--- Critical (>$1M) -> E1 + E2 + E3 + E4 + E5 + HSM

Q4: How long is device lifetime?
--- <2 years -> E1 + E4
--- 2-5 years -> E1 + E2 + E4 + E5
--- >5 years -> E1 + E2 + E3 + E4 + E5 (with key rotation)

Minimum Viable Security by Use Case:

Use Case	Min Layers	Rationale
Smart home (trusted hub)	E1 + E4	Hub is under physical control
Smart home (cloud hub)	E1 + E2 + E3 + E4	Cloud provider is untrusted
Industrial sensors	E1 + E2 + E4 + E5	Prevent gateway compromise
Medical devices	E1 + E2 + E3 + E4 + E5	Regulatory + life-critical
Fleet tracking	E1 + E4	Low-value data, cost-sensitive
Financial PoS	E1 + E2 + E3 + E4 + E5	PCI-DSS compliance

Layer Selection Matrix:

Threat	E1	E2	E3	E4	E5
RF eavesdropping	Yes
Gateway compromise		Yes	Yes
Replay attacks		Yes
MITM on internet				Yes
Key compromise					Yes
Long-term security					Yes

Red Flags Requiring Additional Layers:

Gateway processes data: Add E2 to prevent gateway reading
Third-party gateway: Add E3 for end-to-end encryption
Long deployment (>5 years): Add E5 for key rotation
High-value data: Add all layers + hardware security module

Common Mistake: Assuming E4 (TLS) Alone Is Sufficient

The Mistake: Many developers think “we use HTTPS, so our data is encrypted” and implement only E4 (TLS/DTLS) without considering other layers.

Why This Fails:

TLS/DTLS encrypts data in transit between two endpoints. But IoT systems often have multiple hops:

Sensor -> [E1] -> Gateway -> [E4] -> Cloud

With ONLY E4:
- E1 gap: Sensor-to-gateway wireless is UNENCRYPTED
- Gateway sees plaintext: Can read, modify, or log all sensor data

Real-World Example:

Smart building energy management:

1,000 sensors measure power consumption per office
Sensors connect to gateway via Wi-Fi
Gateway sends aggregated data to cloud via HTTPS
Company claims “data is encrypted with HTTPS”

The problem:

Wi-Fi traffic between sensor and gateway: UNENCRYPTED at the application layer
- Attacker with Wi-Fi sniffer can read all sensor data
- WPA2-Personal encryption uses a shared passphrase—any device on the network can decrypt traffic from other devices, providing no per-device isolation
Gateway has plaintext access:
- Gateway vendor can log data and sell to competitors
- Gateway compromise exposes ALL current and historical data
- No way to detect if gateway is modified

Attack demonstration:

# Attacker joins same Wi-Fi network
$ sudo tcpdump -i wlan0 'port 1883'

# Captures unencrypted MQTT traffic:
{"sensor": "office-42", "power_kwh": 1250, "cost_usd": 187.50}
{"sensor": "office-43", "power_kwh": 890, "cost_usd": 133.50}

# Result: Competitor learns which offices have most activity

The fix: Implement defense-in-depth:

Layer	Protection	Prevents
E1 (Wi-Fi WPA3-Enterprise)	Wireless encryption with per-device keys	Casual sniffing + per-device isolation
E2 (AES-GCM per-device keys)	Application-layer encryption	Gateway reading data
E4 (TLS 1.3)	Transport security	Internet MITM

Cost of mistake:

One smart building company lost major contract ($5M annual) when competitor obtained energy usage patterns
Forensic analysis traced leak to unencrypted sensor-gateway communication
Adding E1+E2 would have cost $30K—less than 1% of lost contract

The principle: Trust boundaries require encryption boundaries. If you don’t fully trust the gateway (vendor, cloud provider, physical security), you MUST encrypt before data reaches it (E2/E3).

Quick check: Draw your system architecture. At each component, ask: “If this component is fully compromised, what data is exposed?” If the answer is “everything,” you need additional encryption layers.

Concept Relationships

Understanding how encryption layers relate to each other helps you design complete security architectures.

Concept	Depends On	Enables	Common Confusion
E1 (Link Layer)	Shared network key	Local hop confidentiality	“E1 alone is secure” - NO, all devices share the key
E2 (Device-Gateway)	Per-device unique keys	Authentication + replay protection	“E2 = end-to-end” - NO, gateway can decrypt
E3 (Device-Cloud)	E2 architecture	Untrusted gateway scenarios	“E3 replaces E2” - NO, they complement each other
E4 (Gateway-Cloud)	TLS/DTLS certificates	Internet transport security	“E4 protects device data” - NO, only gateway-cloud leg
E5 (Key Renewal)	Asymmetric crypto (RSA/ECC)	Forward secrecy, key rotation	“E5 is optional” - NO, critical for long deployments

Hierarchy: E1 is contained within E2 (E2 encrypted payload travels inside E1 encrypted frame). E4 wraps everything for internet transit. E3 bypasses gateway decryption. E5 refreshes keys for E1-E4.

Key distinction: E2 (device-gateway) vs E3 (device-cloud). E2 allows gateway processing but requires gateway trust. E3 prevents gateway access but sacrifices edge analytics.

6.7 Putting Numbers to It: Layer Overhead and Cascade Latency

Multi-layer encryption overhead is the cumulative computational cost and packet expansion when data traverses multiple encryption layers (E1-E5).

\[\text{Total Latency} = \sum_{i=1}^{n} L_i + \sum_{i=1}^{n-1} T_i\]

where $L_i$ is encryption time for layer $i$ and $T_i$ is transmission delay between layers.

Working through an example:

Given: IoT sensor sends 32-byte reading through E1 (link) + E2 (device-gateway) + E4 (gateway-cloud TLS) layers.

Step 1: Calculate per-layer overhead - E1 (AES-128-CCM): 16-byte nonce + 8-byte MIC = 24 bytes overhead - E2 (AES-128-GCM): 4-byte seq + 12-byte nonce + 16-byte tag = 32 bytes overhead - E4 (TLS record): 5-byte header + 16-byte tag = 21 bytes overhead

\[\text{Total packet} = 32 + 24 + 32 + 21 = 109\text{ bytes}\]

Step 2: Calculate encryption latency (ESP32 @ 240 MHz with hardware AES) - E1 encrypt: 8 us - E2 encrypt: 12 us - E4 record: 15 us

\[\text{Total crypto time} = 8 + 12 + 15 = 35\text{ }\mu\text{s}\]

Result: Multi-layer encryption adds 77 bytes (241% overhead) and 35 us latency to 32-byte payload.

In practice: On LoRaWAN with 51-byte payload limits, E1+E2+E4 cascading (109 bytes) exceeds limits—you must choose layers strategically. For battery devices, 35 us is negligible compared to 4.3 ms radio transmission.

Show code

viewof payloadSize = Inputs.range([8, 128], {value: 32, step: 1, label: "Payload size (bytes)"})
viewof useE1 = Inputs.toggle({label: "E1 (Link Layer - AES-128-CCM)", value: true})
viewof useE2 = Inputs.toggle({label: "E2 (Device-Gateway - AES-128-GCM)", value: true})
viewof useE3 = Inputs.toggle({label: "E3 (End-to-End - ChaCha20-Poly1305)", value: false})
viewof useE4 = Inputs.toggle({label: "E4 (Transport - TLS 1.3)", value: true})

Show code

overheadCalc = {
  let e1Overhead = useE1 ? 24 : 0;   // 16-byte nonce + 8-byte MIC
  let e2Overhead = useE2 ? 32 : 0;   // 4-byte seq + 12-byte nonce + 16-byte tag
  let e3Overhead = useE3 ? 28 : 0;   // 12-byte nonce + 16-byte tag
  let e4Overhead = useE4 ? 21 : 0;   // 5-byte header + 16-byte tag
  let totalOverhead = e1Overhead + e2Overhead + e3Overhead + e4Overhead;
  let totalPacket = payloadSize + totalOverhead;
  let overheadPct = payloadSize > 0 ? ((totalOverhead / payloadSize) * 100).toFixed(0) : 0;

  let e1Latency = useE1 ? 8 : 0;
  let e2Latency = useE2 ? 12 : 0;
  let e3Latency = useE3 ? 10 : 0;
  let e4Latency = useE4 ? 15 : 0;
  let totalLatency = e1Latency + e2Latency + e3Latency + e4Latency;

  let layerCount = [useE1, useE2, useE3, useE4].filter(x => x).length;
  let fitsLoRaWAN = totalPacket <= 51;
  let fitsBLE = totalPacket <= 244;

  return {totalOverhead, totalPacket, overheadPct, totalLatency, layerCount, fitsLoRaWAN, fitsBLE,
          e1Overhead, e2Overhead, e3Overhead, e4Overhead,
          e1Latency, e2Latency, e3Latency, e4Latency};
}

Show code

html`<div style="border-left: 4px solid #3498DB; padding: 12px 16px; margin: 16px 0; background: #f8f9fa; border-radius: 0 4px 4px 0;">
<h4 style="margin-top: 0; color: #2C3E50;">Encryption Overhead Calculator</h4>
<table style="width: 100%; border-collapse: collapse; font-size: 0.95em;">
<tr style="background: #2C3E50; color: white;">
  <th style="padding: 8px; text-align: left;">Metric</th>
  <th style="padding: 8px; text-align: right;">Value</th>
</tr>
<tr><td style="padding: 6px 8px;">Original payload</td><td style="padding: 6px 8px; text-align: right;">${payloadSize} bytes</td></tr>
<tr style="background: #f0f0f0;"><td style="padding: 6px 8px;">Active layers</td><td style="padding: 6px 8px; text-align: right;">${overheadCalc.layerCount}</td></tr>
<tr><td style="padding: 6px 8px;">Total overhead</td><td style="padding: 6px 8px; text-align: right;"><strong>${overheadCalc.totalOverhead} bytes</strong> (${overheadCalc.overheadPct}%)</td></tr>
<tr style="background: #f0f0f0;"><td style="padding: 6px 8px;">Total packet size</td><td style="padding: 6px 8px; text-align: right;"><strong>${overheadCalc.totalPacket} bytes</strong></td></tr>
<tr><td style="padding: 6px 8px;">Encryption latency (ESP32 HW AES)</td><td style="padding: 6px 8px; text-align: right;">${overheadCalc.totalLatency} us</td></tr>
<tr style="background: ${overheadCalc.fitsLoRaWAN ? '#d4edda' : '#f8d7da'};"><td style="padding: 6px 8px;">Fits LoRaWAN (51 bytes max)?</td><td style="padding: 6px 8px; text-align: right;">${overheadCalc.fitsLoRaWAN ? 'Yes' : 'No -- exceeds limit by ' + (overheadCalc.totalPacket - 51) + ' bytes'}</td></tr>
<tr style="background: ${overheadCalc.fitsBLE ? '#d4edda' : '#f8d7da'};"><td style="padding: 6px 8px;">Fits BLE (244 bytes max)?</td><td style="padding: 6px 8px; text-align: right;">${overheadCalc.fitsBLE ? 'Yes' : 'No -- exceeds limit'}</td></tr>
</table>
<p style="margin-bottom: 0; font-size: 0.85em; color: #7F8C8D;"><em>Toggle layers above and adjust payload size to explore how multi-layer encryption affects packet overhead and protocol compatibility.</em></p>
</div>`

6.8 See Also

Security Context:

Security Overview - Security introduction
Encryption Principles - Cryptographic fundamentals
Threats and Vulnerabilities - What encryption protects against

Implementation:

E1: Link Layer Encryption - Local wireless protection details
Key Management - Managing keys across all five layers
Secure Data and Software - Applying encryption in practice
Device and Network Security - Network-level encryption

Design Patterns:

Zero-Trust Security - Why E3 is critical for untrusted networks

Practice and Labs:

Encryption Labs - Hands-on practice
Interactive Tools - Encryption layer simulators and calculators
Quiz Navigator - Encryption quizzes
Simulations Hub - Encryption Layer Tester

Match the Encryption Layer

Key Concepts

E1 (Link Layer Encryption): Encryption at the physical/data link layer protecting data hop-by-hop between directly connected nodes; lowest latency, least overhead.
E2 (Device-to-Gateway Encryption): Application-layer encryption from sensor to gateway using per-device unique keys; intermediate nodes cannot read the payload.
E3 (Gateway-to-Cloud Encryption): TLS/DTLS protecting data as it travels from an IoT gateway to a cloud service over the internet.
E4 (End-to-End Encryption): Encryption spanning from the end device all the way to the cloud application layer, ensuring no intermediate node can decrypt.
E5 (Key Management): The infrastructure layer managing key generation, distribution, rotation, and revocation across all encryption levels.
Defense in Depth: A security strategy using multiple independent layers of protection so that failure of one layer does not expose the entire system.
Key Hierarchy: A structured arrangement of cryptographic keys where master keys protect session keys, which in turn protect data, limiting exposure of any single key.

Order the Encryption Layers

Place the five encryption levels in order from the lowest (closest to the physical radio) to the highest (key management):

Label the Diagram

💻 Code Challenge

6.9 Summary

This chapter introduced the five-layer IoT encryption architecture (E1-E5) that provides comprehensive protection for data flowing from devices to cloud services.

Mind map diagram summarizing the five IoT encryption layers. Central node shows Defense in Depth concept. Five branches extend to E1 through E5, each showing layer name, key mechanism, and primary purpose. E1 uses shared keys for local hop protection. E2 uses per-device keys with nonces for device authentication. E3 uses end-to-end keys for untrusted gateway scenarios. E4 uses TLS certificates for internet transport. E5 uses PKI for key rotation. Color scheme uses IEEE navy for central concept and teal for layer details. — Summary: Five encryption layers and their key characteristics

Key Takeaways

E1 (Link Layer): Protects local wireless hops using shared network keys and AES-128. Fast and lightweight, but all network members share the key.
E2 (Device-to-Gateway): Adds per-device keys with replay protection. Ensures only the intended gateway can decrypt, even if other network members capture traffic.
E3 (Device-to-Cloud): Provides true end-to-end encryption through untrusted intermediaries. Critical when gateways cannot be fully trusted.
E4 (Gateway-to-Cloud): Uses industry-standard TLS/DTLS for secure internet transport. Protects the “last mile” to cloud services.
E5 (Key Renewal): Handles periodic key rotation using asymmetric cryptography. Limits damage from key compromise and supports revocation.

The Defense in Depth Principle: Never rely on a single encryption layer. Each layer protects against different threat scenarios, and their combination provides robust security even when individual layers are compromised.

Design Rule: For production IoT deployments, implement at minimum E1 + E2 + E4. Add E3 when using third-party or potentially untrusted gateways. Always plan for E5 key rotation from the beginning—retrofitting key management is difficult and often leads to security gaps.

6.10 What’s Next

Start with E1: Link Layer Encryption to understand the foundation of IoT encryption at the wireless link level, then progress through each encryption level to build a complete understanding of multi-layer security architecture.

Next Chapter	Description
E1: Link Layer Encryption	Local wireless hop protection with AES-128-CCM
E2: Device-to-Gateway Encryption	Per-device keys and replay protection
E3-E4: Transport and End-to-End	End-to-end and TLS transport security
E5: Key Renewal	Asymmetric crypto for key rotation
Security Properties	Defense-in-depth best practices