Ciphersuites

The fun part of applied cryptography is combining one or more of the preceding algorithm types to achieve specifically desired security properties. In many communication protocols, these algorithm groupings are often called ciphersuites. Depending on the protocol at hand, a ciphersuite specifies the particular set of algorithms, possible key lengths, and uses of each.

Ciphersuites can be specified and enumerated in different ways. For example, Transport Layer Security (TLS) offers a wide array of ciphersuites to protect network sessions for web services, general HTTP traffic, Real-Time Protocols (RTP), and many others. An example TLS ciphersuite enumeration and interpretation is TLS_RSA_WITH_AES_128_GCM_SHA256, which is interpreted as using:

  • The RSA algorithm for the server's public key certificate authentication (digital signature). RSA is also used for public key-based key transport (passing the client-generated pre-master secret to the server).
  • The AES algorithm (using 128-bit keys) for encrypting all data through the TLS tunnel.
  • AES encryption performed in Galois/Counter Mode (GCM); this mode produces both the tunnel's ciphertext and the MAC (authentication tag) for each TLS datagram.
  • SHA256 as the hashing algorithm.
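The name-to-algorithm mapping just described can be mechanised. The following is an added example, not code from the book: it parses a TLS 1.2-style ciphersuite name into its key exchange, authentication, bulk cipher, mode, key length and hash, and then runs a defender-side check that flags properties a reviewer would want to see (no forward secrecy, a non-AEAD mode, legacy primitives). The `TLS_<kx>_WITH_<cipher>_<hash>` naming convention is the one used by the TLS 1.2 registry; the class and function names are this example's own.

```python
"""Interpret a TLS 1.2-style ciphersuite name into the algorithms it selects.

Added illustration: a small parser for names such as
TLS_RSA_WITH_AES_128_GCM_SHA256, plus a review check that flags
properties worth looking at (no forward secrecy, non-AEAD modes, legacy
primitives). The name format follows the TLS_<kx>_WITH_<cipher>_<hash>
convention of the TLS 1.2 registry.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Matches TLS_<key exchange/auth>_WITH_<bulk cipher spec>_<hash>
_NAME_RE = re.compile(r"TLS_(?P<kx>.+?)_WITH_(?P<enc>.+)_(?P<hash>SHA256|SHA384|SHA|MD5)")


@dataclass
class CipherSuite:
    name: str
    key_exchange: str      # how the pre-master secret is agreed or transported
    authentication: str    # signature algorithm on the server's certificate
    cipher: str            # bulk cipher (AES, CHACHA20, 3DES, RC4, NULL, ...)
    key_bits: Optional[int]
    mode: Optional[str]    # GCM, CBC, CCM_8, POLY1305, ...
    hash_alg: str          # handshake PRF hash (or HMAC hash for non-AEAD suites)
    forward_secrecy: bool
    aead: bool


def parse_ciphersuite(name: str) -> CipherSuite:
    m = _NAME_RE.fullmatch(name)
    if m is None:
        raise ValueError(f"not a TLS_<kx>_WITH_<cipher>_<hash> name: {name}")
    kx_parts = m.group("kx").split("_")
    # A bare "RSA" means RSA key transport *and* RSA certificate authentication;
    # "ECDHE_RSA" means ECDHE key agreement authenticated by an RSA signature.
    key_exchange = kx_parts[0]
    authentication = kx_parts[1] if len(kx_parts) > 1 else kx_parts[0]

    enc_parts = m.group("enc").split("_")
    cipher, rest = enc_parts[0], enc_parts[1:]
    key_bits = None
    if rest and rest[0].isdigit():           # e.g. AES_128_GCM -> 128
        key_bits, rest = int(rest[0]), rest[1:]
    mode = "_".join(rest) or None            # e.g. GCM, EDE_CBC, CCM_8

    return CipherSuite(
        name=name,
        key_exchange=key_exchange,
        authentication=authentication,
        cipher=cipher,
        key_bits=key_bits,
        mode=mode,
        hash_alg=m.group("hash"),
        forward_secrecy=key_exchange in ("DHE", "ECDHE"),
        aead=mode in ("GCM", "CCM", "CCM_8", "POLY1305"),
    )


def assess(cs: CipherSuite) -> List[str]:
    """Return review findings for a suite; an empty list means nothing flagged."""
    findings = []
    if not cs.forward_secrecy:
        findings.append("no forward secrecy: static key transport, so a leaked server "
                        "private key decrypts recorded sessions")
    if not cs.aead:
        findings.append(f"non-AEAD mode {cs.mode}: separate MAC (HMAC-{cs.hash_alg}) "
                        "rather than an authenticated cipher")
    if cs.cipher in ("RC4", "3DES", "DES", "NULL"):
        findings.append(f"legacy or null bulk cipher {cs.cipher}")
    if cs.hash_alg in ("SHA", "MD5"):
        findings.append(f"legacy hash {cs.hash_alg}")
    return findings


if __name__ == "__main__":
    for n in ("TLS_RSA_WITH_AES_128_GCM_SHA256",
              "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
              "TLS_RSA_WITH_3DES_EDE_CBC_SHA"):
        suite = parse_ciphersuite(n)
        print(suite)
        for finding in assess(suite):
            print("  -", finding)
```

Running it on the book's example suite reports that the suite uses RSA for both key transport and authentication, AES-128 in GCM (an AEAD mode) and SHA256, and flags the one property the text does not spell out: because the pre-master secret is encrypted under a static RSA key, the suite offers no forward secrecy.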

Using each of the cryptographic algorithms indicated in the ciphersuite, the specific required security properties of the TLS connection and its setup are realized:

  • The client authenticates the server by validating an RSA-based signature on its public key certificate (strictly, the RSA signature is computed over a SHA256 hash of the certificate rather than over the certificate itself).
  • A session key is now needed for tunnel encryption. The client encrypts a large, randomly generated number (the pre-master secret) with the server's public RSA key and sends it to the server; only the server, and not a man-in-the-middle (MITM), can decrypt it.
  • Both the client and the server use the pre-master secret to compute a master secret. Key derivation is then performed by both parties to generate an identical key block containing the AES key that will encrypt the traffic.
  • The AES-GCM algorithm is used for AES encryption/decryption; this particular mode of AES also computes the MAC appended to each TLS datagram (note that some TLS ciphersuites use the HMAC algorithm for this instead).
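The third step above, turning the pre-master secret into the master secret and then into the key block, is fully specified for TLS 1.2 and fits in a few lines of standard-library Python. The following is an added example, not the book's code: it implements the RFC 5246 PRF on HMAC-SHA256, computes the 48-byte master secret, and splits the key block the way RFC 5246 section 6.3 and RFC 5288 prescribe for AES_128_GCM (no MAC keys, two 16-byte write keys, two 4-byte fixed IVs). The RSA transport of the pre-master secret and the AES-GCM record encryption themselves are outside the snippet; the pre-master secret and the two handshake randoms are supplied as inputs, and `simulate_handshake` is this example's own helper that constructs them.

```python
"""TLS 1.2 key derivation for TLS_RSA_WITH_AES_128_GCM_SHA256.

Added illustration (not the book's code): the PRF from RFC 5246 section 5
built on HMAC-SHA256, the master-secret computation from section 8.1, and
the key-block split from section 6.3 / RFC 5288 (AES-GCM: no MAC keys,
16-byte write keys, 4-byte fixed IVs). The RSA key transport and the
AES-GCM record encryption are not part of this snippet.
"""
import hashlib
import hmac
import os
from typing import Dict, Tuple


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash data-expansion function (RFC 5246 section 5) with HMAC-SHA256."""
    out = b""
    a = seed                                                        # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte master secret: PRF(pre_master, "master secret", client_random + server_random)."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def derive_session_keys(pre_master: bytes, client_random: bytes,
                        server_random: bytes) -> Dict[str, bytes]:
    """Derive the AES_128_GCM key block. Note the reversed random order for key expansion."""
    ms = master_secret(pre_master, client_random, server_random)
    # Key block layout (RFC 5246 section 6.3): client_write_MAC_key, server_write_MAC_key
    # (both 0 bytes for an AEAD suite), client_write_key (16), server_write_key (16),
    # client_write_IV (4), server_write_IV (4) -> 40 bytes in total.
    block = prf(ms, b"key expansion", server_random + client_random, 40)
    return {
        "master_secret": ms,
        "client_write_key": block[0:16],
        "server_write_key": block[16:32],
        "client_write_iv": block[32:36],     # 4-byte implicit part of the GCM nonce
        "server_write_iv": block[36:40],
    }


def simulate_handshake() -> Tuple[bool, Dict[str, bytes]]:
    """Constructed inputs: both sides derive the key block from the same three values."""
    client_random = os.urandom(32)
    server_random = os.urandom(32)
    # RSA-transported pre-master secret (RFC 5246 section 7.4.7.1):
    # 2-byte client version (TLS 1.2 = 0x0303) followed by 46 random bytes.
    pre_master = b"\x03\x03" + os.urandom(46)
    client_keys = derive_session_keys(pre_master, client_random, server_random)
    server_keys = derive_session_keys(pre_master, client_random, server_random)
    return client_keys == server_keys, client_keys


if __name__ == "__main__":
    agree, keys = simulate_handshake()
    print("client and server agree:", agree)
    for name, value in keys.items():
        print(f"{name:18s} {value.hex()}")
```

The point the derivation makes concrete is that everything downstream of the pre-master secret is deterministic: whoever holds the pre-master secret and the two public randoms (which travel in the clear in the Hello messages) can recompute every write key. That is exactly why the pre-master secret must reach the server under its RSA public key, and why the confidentiality of that one value underpins the whole session.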

Other cryptographic protocols (for example, IPsec) employ similar kinds of ciphersuites, but the point is that, no matter the protocol, IoT or otherwise, cryptographic algorithms are combined in different ways to counter specific threats (for example, MITM) in the protocol's intended usage environment.
