Connected devices require a secure point-to-point channel to ensure that there is no possibility of exposing important data for the integrity of an embedded system. This is especially true when we talk about over-the-air (OTA) software updates, where the new firmware has a long way to go before reaching its destination and being installed by our bootloader.
This is a companion discussion topic for the original entry at https://interrupt.memfault.com/blog/firmware-encryption-with-python