GUARD TLS Tiny: The world smallest TLS stack

With GUARD TLS Tiny, IoT manufacturers can retrofit a secure connection to their existing design as long as they have 0,6 kB of RAM and less than 10 kB of Flash available. For new design, GUARD TLS Tiny provides secure connection with cheaper microprocessors reducing the total Bill of Material.

Robust Security

TLS/DTLS are widely used to secure application data and have a proven security track record for example in securing banking applications. Typical weaknesses are due to the use of poor Random Number Generator or to insecure configuration of TLS. TLS/DTLS is an ideal solution to secure traffic from small devices that typically are used for a simple application, e.g. sending reports over MQTT, a widely used IoT protocol.

GUARD TLS Tiny provides a trusted solution to prevent eavesdropping and tampering of all network traffic. It protects the per-device keys by never using the raw key for data. It provides strong random byte generation – the foundation of crypto algorithm security – by integrating with the Hardware TRNG or using a modified version of Yarrow algorithm. Zeroization of all memory containing secret data is performed after usage.

Simple integration

GUARD TLS Tiny requires an IP stack on the device. If TCP is available, using TLS is a natural choice. However if only UDP is available, DTLS provides equivalent security.

The developer needs to initialize GUARD TLS Tiny library and associate an established TCP socket with a new TLS context, before data can be written and read securely to the socket. There are only 5 APIs used to interact with the TCP stack.

The GUARD team provides code level developer support to assist with the integration.

Adapting to your needs

GUARD TLS Tiny has to maintain a very limited feature set in order to fit on memory constraint micro-controller.

Upon request, the GUARD team is able to customize the feature set to your exact needs while still maintaining a tiny memory footprint.