fleaTLS – Embedded Cryptographic Libray

flexible, leightweight, and efficient algorithms

Our cryptographic software library fleaTLS is tailored to the use in resource constrained devices. Its main feature is a set of highly efficient implementations of public-key algorithms and TLS 1.2 for secure communication.
fleaTLS is available at

With this product you can efficiently and securely use cryptographic algorithms based on software implementations on low-cost 32- and 16-bit standard platforms as well as on dedicated security MCUs.

In order to reach this goal, the library is designed for flexibility. It enables extensive configuration options in order to offer the optimal performance under all requirements. To facilitate the seamless integration into your software framework, flea supports stack as well as heap memory allocations.

Download fleaTLS

download fleaTLS :


We provide support for any tasks around the use of the flea libary. Contact us at

  • TLS 1.2 (Q3 2017)
    • Client and server
    • Certificate validation according to RFC 5280
    • RSA, ECDSA and ECDH cipher suites
  • Public-Key:
    • Encryption: RSA-OAEP, RSA-PKCS#1 v1.5
    • Signature:
      • RSA-PKCS#1 v1.5
      • ECDSA with general GF(p) curves (ANSI X9.62, German BSI TR-03111)
    • Key agreement: ECDH (IEEE 1363, German BSI TR-03111)
  • Symmetric Encryption:
    • AES-128, AES-192, AES-256
    • DES, DES-X, 3DES-EDE (2-key and 3-key)
    • Standard block cipher modes : ECB, CBC, CTR
    • Authenticated Encryption: EAX and GCM
  • Hash-algorithms: MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
  • Message Authentication Codes: HMAC, CMAC
Platform: ARM Cortex-M3 @ 96 MHz

RSA key size Encryption or signature verification Decryption or signature generation
RSA 1024 5 ms 184 ms
RSA 1536 9 ms 539 ms
RSA 2048 16 ms 1118 ms
RAM requirement: 2 to 10 KB
Platform: ARM Cortex-M3 @ 96 MHz
EC Brainpool Domain Parameter

ECC key size Key generation Signature verification Signature generation
160 Bit 110 ms 130 ms 114 ms
224 Bit 188 ms 224 ms 194 ms
256 Bit 241 ms 292 ms 244 ms
RAM requirement: 2 KB
Platform: ARM Cortex-M3 @ 96 MHz
full fledged TLS 1.2 implementation including X.509 certificate verification, in this example using RSA 1024 key exchange
Code size RAM requirement TLS Handshake timing
40 KB < 16 KB 0.51 s


fleaTLS client/server demo on LPC1768 ARM mbed demo board with ethernet/TCP/IP support

For information on licensing, further technical information or support please contact us at


cryptosource GmbH has an exhibition at the embedded world 27.2.-1.3. 2018 in Nürnberg, hall 4A / stand 540f, and also contributes a half-day lecture about Cryptography Engineering for Embedded Systems to the accompanying conference.


cryptosource GmbH has an exhibition at the "Internet of Things" conference on October 19th, 2017 in Munich.

cryptosource GmbH has an exhibition at the embedded world 2017 in Nurnberg, Germany March 21st 2017

At Eurocrypt 2016 cryptosource presents a work about vulnerabilities of the random number generator of OpenSSL May 12th 2016