Comparing Mbedtls to OpenSSL

I’m wondering what is the advantage of MbedTLS over OpenSSL? I have read the introduction but it seems kind of unclear to me.

Mbed TLS is a direct replacement for OpenSSL when you look at the standards. If you look at our Features you will see similar items as on the OpenSSL feature list. The major difference is the way we make the code. We aim to help you make better applications. We provide as many documentation, examples and support as you need to be happy with the result.

So my questions are:

  • How better it is over OpenSSL?
  • How lightweight is it comparing to OpenSSL for embedded systems? Does it use less RAM/CPU for programs? Specific examples or statistics are very much appreciated.
  • Other than the lightweight aspect, are there any other improvements?

Hi @sinhviencodon
openSSL is a good tool, which has which has some more features than Mbed TLS. However, it is not so usable for embedded sstems, at the moment.

Mbed TLS, is very light wieght, and highly configurable. You can configure it to include only the feature set you need. As it’s highly configurable, a specific example is not straight forward.
You can look at this article for some code size example with different configurations.
In addition, we are in constant work of reducing RAM usage for embedded systems. In addition, Mbed TLS can be ported using the hardware cryptographic accelerators, if you follow this article
Mbed TLS Support