Vigil Security, LLC Arm Limited Linaro SECOM CO., LTD. This document specifies techniques for encrypting software, firmware and personalization data by utilizing the IETF SUIT manifest. Key agreement is provided by ephemeral-static (ES) Diffie-Hellman (DH) and AES Key Wrap (AES-KW). ES-DH uses public key cryptography while AES-KW uses a pre-shared key-encryption key. Encryption of the plaintext is accomplished with conventional symmetric key cryptography.