<?xml version="1.0" encoding="UTF-8"?>
<reference anchor="I-D.ietf-suit-firmware-encryption" target="https://datatracker.ietf.org/doc/html/draft-ietf-suit-firmware-encryption-26">
   <front>
      <title>Encrypted Payloads in SUIT Manifests</title>
      <author initials="H." surname="Tschofenig" fullname="Hannes Tschofenig">
         <organization>University of Applied Sciences Bonn-Rhein-Sieg</organization>
      </author>
      <author initials="R." surname="Housley" fullname="Russ Housley">
         <organization>Vigil Security, LLC</organization>
      </author>
      <author initials="B." surname="Moran" fullname="Brendan Moran">
         <organization>Arm Limited</organization>
      </author>
      <author initials="D." surname="Brown" fullname="David Brown">
         <organization>Linaro</organization>
      </author>
      <author initials="K." surname="Takayama" fullname="Ken Takayama">
         <organization>SECOM CO., LTD.</organization>
      </author>
      <date month="December" day="8" year="2025" />
      <abstract>
	 <t>   This document specifies techniques for encrypting software, firmware,
   machine learning models, and personalization data by utilizing the
   IETF SUIT manifest.  Key agreement is provided by ephemeral-static
   (ES) Diffie-Hellman (DH) and AES Key Wrap (AES-KW).  ES-DH uses
   public key cryptography while AES-KW uses a pre-shared key.
   Encryption of the plaintext is accomplished with conventional
   symmetric key cryptography.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-ietf-suit-firmware-encryption-26" />
   
</reference>
