MatrixSSL - Open Source Embedded SSL

Open Source Embedded SSL

MatrixSSL™ is an embedded SSL and TLS implementation designed for small footprint applications and devices. Available is a fully supported, commercial version as well as an open source version that is available for download. MatrixSSL allows secure management of remote devices. Several secure embedded Web servers also use MatrixSSL for their encryption layer.

MatrixSSL Webinar
Latest release: July 15, 2015: MatrixSSL 3.7.2b
Note: All versions of MatrixSSL are unaffected by the recent OpenSSL "Heartbleed" bug.
Note: MatrixSSL is not affected by the POODLE vulnerability: SSL 3.0 is disabled by default since version 3.3.1 on July 16, 2012.
Note: All versions of MatrixSSL are unaffected by "Weak keys" attack.
Note: All versions of MatrixSSL are unaffected by the July 2015 OpenSSL cerificate validation bug.


Before developing our own Secure Sockets Layer, we looked for a small, open source SSL/TLS implementation. This proved very difficult to find. We found several past attempts at an "OpenSSL Lite", "small OpenSSL" or "embedded OpenSSL", but none reduced the code to levels we required. The standard OpenSSL library is over 1 MB, and the best we found was more than half that. OpenSSL is a decent solution, but embedded security is one area where there was room for improvement.


Subscribe to the MatrixSSL RSS news feed to be notified of updates and security advisories. You can also subscribe to new releases through FreeCode to be notified through email.


    ¹Included with commercial license


MatrixSSL has been ported to operating systems including FreeRTOS, Bare Metal, eCos, VxWorks, uClinux, eCos, FreeRTOS, ThreadX, WindowsCE, PocketPC, Palm, pSOS, SMX, BREW, MacOS X, Linux and Windows.
Ported hardware platforms include ARM, MIPS32, PowerPC, H-8, SH3, i386 and x86-64.

Design Philosophy

Complexity is the main enemy of security. Therefore, any security design should strive for simplicity. We are quite ruthless about this, even though this does not make us popular. Eliminate all the options that you can. Get rid of all those baroque features that few people use. Stay away from committee designs, because the committee process always leads to extra features or options in order to achieve compromise. In security, simplicity is king.
Neils Ferguson
Bruce Schneier
Practical Cryptography

As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It's true for cryptographic algorithms, security protocols, and security source code. For us, open source isn't just a business model; it's smart engineering practice.
Bruce Schneier
Crypto-Gram 9/15/99


The software is fully downloadable under a dual licensing model; GNU Public License and a Standard Commercial license. Basically, the dual license means that you can use the library for free as long as you make public all code that links with it or otherwise uses the library. In addition, any changes made to the library must also be made public. If the application source code using MatrixSSL is to remain proprietary, a commercial license can be purchased from PeerSec Networks, the authors of MatrixSSL. The commercial license includes support, updates and additional software features such as client authentication and certificate/key generation. Another example of software using this model is MySQL, a widely used open source database.


The names "MatrixSSL", "PeerSec", "PeerSec Neworks" and their corresponding logos are Trademark (™) INSIDE Secure Corp. All content Copyright © INSIDE Secure Corp., 2002-2015.