Verimatrix and Inside Secure have merged. Learn more here. Go to Verimatrix website.

Tiny memory footprint

Proven in 8-bit microcontroller

<10KB of flash and 0,6KB of RAM per connection

Robust Security

Secure TLS implementation despite its incredibly small size

Adapting to your needs

The feature set can be customized to your exact requirements

Product description

With GUARD TLS Tiny, IoT manufacturers can retrofit a secure connection to their existing design as long as they have 0,6 kB of RAM and less than 10 kB of Flash available. For new design, GUARD TLS Tiny provides secure connection with cheaper microprocessors reducing the total Bill of Material.

Robust Security

TLS/DTLS are widely used to secure application data and have a proven security track record for example in securing banking applications. Typical weaknesses are due to the use of poor Random Number Generator or to insecure configuration of TLS. TLS/DTLS is an ideal solution to secure traffic from small devices that typically are used for a simple application, e.g. sending reports over MQTT, a widely used IoT protocol.

GUARD TLS Tiny provides a trusted solution to prevent eavesdropping and tampering of all network traffic. It protects the per-device keys by never using the raw key for data. It provides strong random byte generation – the foundation of crypto algorithm security – by integrating with the Hardware TRNG or using a modified version of Yarrow algorithm. Zeroization of all memory containing secret data is performed after usage.

Simple integration

GUARD TLS Tiny requires an IP stack on the device. If TCP is available, using TLS is a natural choice. However if only UDP is available, DTLS provides equivalent security.

The developer needs to initialize GUARD TLS Tiny library and associate an established TCP socket with a new TLS context, before data can be written and read securely to the socket. There are only 5 APIs used to interact with the TCP stack.

The GUARD team provides code level developer support to assist with the integration.

Adapting to your needs

GUARD TLS Tiny has to maintain a very limited feature set in order to fit on memory constraint micro-controller.

Upon request, the GUARD team is able to customize the feature set to your exact needs while still maintaining a tiny memory footprint.

Other information


  • Only 600 bytes of RAM per connection
  • < 10KB code size
  • Support PSK (Pre-Share Key)
  • TLS 1.0 and TLS1.1
  • PSK_AES128_SHA cipher suite
  • Modified Yarrow PRNG algorithm
  • TLS1.2 and DTLS1.2 (on request)
  • Mutual Authentication (on request)
  • X.509 certificate extraction according to Global Platform  SCP11 (on request)
  • ECDSA-ECDHE suite (on request)
  • SHA256 (on request)


  • Robust security
  • Tiny memory footprint
  • Retrofit existing design with security
  • Decrease your Bill of Material
  • Simple integration
  • Proven and tested with IBM MessageSight server and MQTT
  • Portable C source code
  • Engineering level support