In IoT environments, where security and safety are paramount, an encryption-based root of trust provides the strongest means to establish and maintain authenticity, integrity, confidentiality, privacy, and availability. Digital certificates issued from a trusted public key infrastructure provide a proven mechanism for this. However the storage and processing demands of traditional encryption keys have driven some to favour lightweight cryptography. In this situation, we propose a lightweight but robust key management scheme with much smaller key sizes, and its operations require significantly less processing, making it appropriate for devices with less storage space, processing power and battery life.