tinydtls provides a light-weight implementation of the DTLS protocol that can be used in devices with tight memory constraints, i.e. in the order of 100 KiB flash memory and about 10 KiB RAM. The cipher suites supported by tinydtls are limited to TLS_PSK_WITH_AES_128_CCM_8 and TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 that are mandatory-to-implement for CoAP. In scope:
- Integration of new cipher suites as they become available and are recommended for use with CoAP, e.g. the proposed TLS_ECDHE_PSK_WITH_AES_128_CCM_8 to achieve forward secrecy in the PSK mode of CoAP.
- Implementation of DTLS extensions that are useful in constrained environments, e.g. the maximum fragment length negotiation specified in RFC6066.
- Provide an interface for using hardware acceleration for cryptographic computations such as AES or ECC.
- Include optional lua binding for rapid prototyping of DTLS-enabled applications.
- Optimize memory usage and runtime behavior.
- Improve code quality, including error handling and robustness.
Out of scope:
- Development of new cipher suites.
- Implementing application logic except for example code that illustrates how to use the library.
- Support for CoAP's certificate mode.