SharkSSL Embedded SSL/TLS Client and Server

SharkSSL is the smallest, fastest, and best performing embedded TLS v1.0/1.1/1.2 solution. With its array of compile-time options, the small and fast SharkSSL can be fine-tuned to a light footprint that occupies less than 20kB, while maintaining full x.509 authentication, using industry standard encryption.

Extreme Optimization

The ANSI C and Assembly-optimized big-integer libraries deliver maximum performance providing the best alternative for embedded devices. SharkSSL supports all industry leading processors and may be used with or without hardware-assisted encryption.

SharkSSL is used by manufacturers to secure their Internet of Things (IoT) solutions.


  • Enterprise Level Security
  • Optimized C & Assembly
  • RTOS, HLOS, or Bare Metal
  • Supports Hardware Encryption


  • Elliptic Curves & Suite B
  • Pre-Integrated Crypto Libraries
  • Websocket Client & Server
  • Demonstrations for IoT Security
  • Certificate Management & Creation

SharkSSL Architecture Diagram

Embedded SSL/TLS block diagram

SharkSSL Benchmark Results for ARM Cortex-M3

Complete secure IoT solution in 38Kb

A complete reference platform in
38K ROM and 13K RAM.

Optimized to take advantage of encryption acceleration, SharkSSL achieves unmatched throughput on ColdFire, Kinetis K60, and all the Cortex-M3 and -M4 processors. Available as source code, SharkSSL code can be implemented on any processor off the shelf. The SharkSSL library has been successfully deployed on ARM, Freescale, and PowerPC-based FPGA architectures. Other processors and accelerators can be accommodated upon request.

SharkSSL can be compiled in less than 20kB and without having to resort to cumbersome methods such as using pre-shared keys. We provide full x.509 certificate authentication in less than 20kB ROM.

The figure to the right shows our bare metal SharkSSL reference platform is a mere 38Kb ROM and 13Kb RAM. The reference platform includes application (demo) code, SharkMQ, SharkSSL, the uIP TCP/IP stack, and drivers; all in tiny 38Kb. Also the complete RAM usage for the entire system is only 13Kb. As proof, we have made the linker's map file available for download. You may also download the reference material for the demo.

SharkSSL Benchmark

The online benchmark above includes some of our ciphers. We also provide a complete benchmark list for all ciphers. The list also includes the awesome speed of our assembler optimized libraries. Please contact us and we will send you the benchmark results as a PDF file.

SharkSSL Pricing

Bare-Metal or RTOS


Out-of-the-box operating system (OS) support includes INTEGRITY™, MQX™, SMX™, ThreadX™, embOS™, VxWorks™, QNX™, FreeRTOS™, uCLinux™, MDK-ARM™, Microchip, mbed™, Mediatek™, lwIP, uIP, Linux, and Windows™.


Out-of-the-box support for uIP and lwIP in event driven mode. All additional protocols and examples are ported to these two event driven TCP/IP stacks. SharkSSL's transport agnostic API makes it easy to port the SSL stack to any bare-metal and/or hybrid hardware/software network stack.

Secure Embedded Web Server

The SharkSSL (standalone) package includes an Embedded Web Server and many other secure IoT protocols. The protocols are included at no additional cost.


Download and try our
ESP8266 SharkSSL FreeRTOS/lwIP IDE.

The ESP8266 is a low cost WiFi SoC built around a Tensilica Xtensa LX3 processor. The SharkSSL FreeRTOS/lwIP ESP8266 IDE provides an easy to use development environment for compiling SharkSSL IoT examples and for uploading these examples to an ESP8266. The IDE provides a complete development environment with no other tools required!