DTLS server configuration for minimal RAM and flash usage with fast handshake (for STM32F4)


What is correct/recommended config.h contents to enable just one EC cipher suite for DTLS server so that RAM usage (max. some tens on kB) and flash usage (preferably under 100 kB) is as low as possible and DTLS handshake performance is fast enough (under 1 s, preferably under 0.5 s). Both client and server must identify (and verify) itself by certificate.

Target server platform STM32F407@168 MHz. Client runs on PC, so no limitations there.

The Mbed TLS repository contains a folder with some configuration examples. One of them is an example for a minimal configuration for a TLS 1.1 . You can start with this example, replacing the TLS version (to 1.2), and replace the key exchange, and add your desired cipher suite and eliptic curve.
You can also look at the suite_b configuration file, as reference, which contains only the features defined by suite b , which is also minimal configuration.