The target equipment is a fairly low-power MCU (ARM Cortex-M3 @ 72MHz, with approximately 64 Kbytes SRAM and 256 Kbytes flash), so there is a thin line here. My board has ethernet, and I end up with lwIP (lightweight TCP / IP FOSS packet) running on it (currently struggling). However, I also need some kind of ultralight SSL / TLS alternative. I know of the multiple GPL'd SSL / TLS implementations for such MCUs, but their footprint is still pretty significant. As long as they fit, considering everything else, do not leave much space for others.
My traffic is not HTTP, so I don’t have to worry about HTTPS, and my client / server connection can be fully patented, so a non-standard solution is fine. Looking for suggestions on what might be minimalistic but reliable (well, poor security is useless), an alternative that helps me is
- Encrypt my message (C-> S and S-> C)
- Do two-way authentication (C-> S and S-> C)
- Avoid the man in the middle attacks.
I will not optimize the library at the ARMv7 build level and, therefore, completely concentrate on my programming skills and optimize the GNU-ARM compiler. As stated above, any pointers to what might be the best option?
source
share