Small footprint
Optimized for microcontrollers. Configurable build lets you trim what you don’t need so TLS fits in constrained environments.
TLS for embedded & constrained systems
A fast, lightweight
TLS crypto library
Built for deterministic performance, clean APIs, and modern cryptography. Designed for engineers building secure firmware and embedded devices.
Why NoxTLS?
Built specifically for engineers building secure firmware and embedded devices.
Predictable performance
Deterministic crypto operations. No surprise allocations or timing spikes — ideal for real-time and safety-critical firmware.
Security-first design
Constant-time primitives where required. Built for engineers who take embedded security seriously.
Easy integration
Clean C APIs and configurable build. Drop into your stack without fighting opaque dependencies.
Portable
Cortex-M, embedded Linux, and desktop. One codebase across your target platforms.
Tested and Validated
Our Unit Tests are run on a wide range of platforms and devices to ensure the library is stable and reliable and enable you to leverage the testing as part of Quality Assurance (QA) processes.
Everything you need
Modern cryptography and TLS features built for embedded and constrained systems.
Full TLS 1.2/1.3 support
Complete protocol support for modern secure connections.
ECC (P-256, P-384, P-521)
ECDH and ECDSA for key exchange and authentication.
AES-GCM AEAD
Authenticated encryption for confidentiality and integrity.
SHA-2 / SHA-3 hashing
SHA-256 and related algorithms for hashing and signatures.
HMAC
Message authentication for integrity and authenticity.
DRBG
Deterministic random bit generator for cryptographic randomness.
X.509 helpers
Parsing helpers for certificates and chains.
Configurable footprint
Embedded-friendly architecture you can trim to fit.
Project status
Open source, transparent roadmap, and built in the open.
Early Alpha
Actively developed
CI enabled
Security review planned
Improvements ongoing