fleaTLS – Embedded Cryptographic Libray

flexible, leightweight, and efficient algorithms

Our cryptographic software library fleaTLS is tailored to the use in resource constrained devices. Its main feature is a set of highly efficient implementations of public-key algorithms and TLS 1.2 for secure communication.
fleaTLS is available at

With this product you can efficiently and securely use cryptographic algorithms based on software implementations on low-cost 32- and 16-bit standard platforms as well as on dedicated security MCUs.

In order to reach this goal, the library is designed for flexibility. It enables extensive configuration options in order to offer the optimal performance under all requirements. To facilitate the seamless integration into your software framework, fleaTLS supports stack as well as heap memory allocations.

Download fleaTLS

download fleaTLS :


We provide support for any tasks around the use of the fleaTLS libary. Contact us at

  • TLS 1.2
    • Client and server
    • Certificate validation according to RFC 5280
    • RSA, ECDSA and ECDH cipher suites
  • Public-Key:
    • Encryption: RSA-OAEP, RSA-PKCS#1 v1.5
    • Signature:
      • RSA-PKCS#1 v1.5
      • ECDSA with general GF(p) curves (ANSI X9.62, German BSI TR-03111)
    • Key agreement: ECDH (IEEE 1363, German BSI TR-03111)
  • Symmetric Encryption:
    • AES-128, AES-192, AES-256
    • DES, DES-X, 3DES-EDE (2-key and 3-key)
    • Standard block cipher modes : ECB, CBC, CTR
    • Authenticated Encryption: EAX and GCM
  • Hash-algorithms: MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
  • Message Authentication Codes: HMAC, CMAC
Platform: ARM Cortex-M3 @ 96 MHz

RSA key size Encryption or signature verification Decryption or signature generation
RSA 1024 5 ms 184 ms
RSA 1536 9 ms 539 ms
RSA 2048 16 ms 1118 ms
RAM requirement: 2 to 10 KB
Platform: ARM Cortex-M3 @ 96 MHz
EC Brainpool Domain Parameter

ECC key size Key generation Signature verification Signature generation
160 Bit 110 ms 130 ms 114 ms
224 Bit 188 ms 224 ms 194 ms
256 Bit 241 ms 292 ms 244 ms
RAM requirement: 2 KB
Platform: ARM Cortex-M3 @ 96 MHz
full fledged TLS 1.2 implementation including X.509 certificate verification, in this example using RSA 1024 key exchange
Code size RAM requirement TLS Handshake timing
40 KB < 16 KB 0.51 s


fleaTLS client/server demo on LPC1768 ARM mbed demo board with ethernet/TCP/IP support

For information on licensing, further technical information or support please contact us at