Starting in 2005, invisible devices such as sensors are expected to far outnumber visible, human-facing devices. Engineers and designer of low-power devices are increasingly concerned with building security into designs to strongly identify network nodes, to ensure that data remains confidential and that privacy is protected. This paper discusses how to implement strong security into weak devices; how implementations of authentication and encryption can make efficient use of memory, processing and bandwidth and the design trade-offs in these implementations.