Wiznet makers

Welcome to WIZnet Maker

or

Don't have an account yet?

Welcome to WIZnet Maker

or

Already have account?

Reset Password

Know your password?

Need an account?

Benjamin

Published November 19, 2025 © Apache License 2.0 (Apache-2.0)

68 UCC

11 WCC

8 VAR

0 Contests

0 Followers

1 Following

Original Link

Running TLS on a Tiny MCU – RP2040 + W5500 with Only 32 kB RAM & 128 kB Flash

A clean, real-world test showing that a full HTTPS web server (TLS 1.3) can run on an RP2040 using just 32 kB RAM and 128 kB flash when paired with the W5500.

COMPONENTS Hardware components

Raspberry Pi - RP2040

x 1

WIZnet - W5500

x 1

Software Apps and online services

Arduino - Arduino IDE

x 1

Cesanta Software Ltd - Mongoose

x 1

platformio - PlatformIO IDE

x 1

PROJECT DESCRIPTION

Introduction

Let’s start with the question everyone asks: How small can an MCU be and still run proper TLS? The answer is surprisingly small — an RP2040 + W5500 runs full TLS 1.3 with only 32 kB RAM and 128 kB flash.

WIZnet Product Integration

The W5500 is the star here. It handles the complete TCP/IP stack in hardware, so the RP2040 only communicates over SPI. Almost no RAM or CPU time is spent on networking — perfect for adding TLS on tiny microcontrollers.

Technical Implementation

Hardware wiring is extremely simple:

  • Pico SPI0 → W5500 (CS=GP5, SCK=GP2, MOSI=GP3, MISO=GP4, RST=GP6)
  • 3.3 V + GND

Software: just copy mongoose.c and mongoose.h, then enable TLS with one line in mongoose_custom.h.

Reproduction Guide

  1. Clone https://github.com/cesanta/mongoose
  2. Open examples/arduino/w5500-http in Arduino IDE
  3. Select Raspberry Pi Pico as board
  4. In mongoose_custom.h add: #define MG_ENABLE_MBEDTLS 1
  5. Build & upload
  6. Check Serial Monitor for IP → open https://[IP] in browser

You now have a working HTTPS server.

Core Features and Performance

  • Plain HTTP: ≈ 17 kB RAM
  • HTTPS (TLS 1.3): ≈ 25 kB RAM (+8 kB for TLS)
  • TLS handshake: ~600 ms on 133 MHz Cortex-M0+
  • Extra flash for TLS: ≈ 20 kB
  • Confirmed minimum: 32 kB RAM / 128 kB flash

Code Snippet

Only change needed:

// mongoose_custom.h
#define MG_ENABLE_MBEDTLS 1        // enable TLS
#define MG_TLS MG_TLS_MBEDTLS      // use mbedTLS backend

Applications and Extensions

  • Secure sensor dashboards
  • Remote firmware updates over HTTPS
  • MQTT over TLS on very low-cost boards
  • Industrial devices that need encryption with < 64 kB RAM (planned: client certificates, PSK mode for even lower RAM)

Conclusion

If you thought TLS was impossible on small MCUs, this demo proves otherwise. RP2040 + W5500 + Mongoose = production-grade HTTPS server in under 30 kB RAM.

Try it today — everything is ready here: https://github.com/cesanta/mongoose/tree/master/examples/arduino/w5500-http

Documents
Comments Write

Similar projects you might like

PoECAM is an open source Fully programmable camera integrating PoE (Power Over Ethernet) . This item is ESP32 based webcam with W5500 embedd

M5Stack PoE Camera W/O Wi-Fi (OV2640)

teju

  • 5399

  • 0

NuttX is a real-time operating system (RTOS) with an emphasis on standards compliance and small footprint.

Apache NuttX Real-Time Operating System

ssekim

  • 3850

  • 2

News distribution system clients via IP network

WIDE STREAM

ssekim

  • 3303

  • 0

This article describes an Ethernet-connected subsystem of a larger modular sensor system.

How to Design a Super Simple Sensor System for Industrial Monitoring Applications

ssekim

  • 3890

  • 1

LwIP + W5500 Blog article

W5500 drivers for LWiP using ioLibrary

chen

  • 4463

  • 2

CAMELOT GPS TIMESTAMPING TEST BOARD

CAMELOT GPS TIMESTAMPING TEST BOARD

teddy

  • 3262

  • 0

This content is an introduction video for the W5500 network module.

W5500-Q184 | W5500 Ethernet TCP/IP Protocol Stack SPI IOT Compatible WIZ820io Shield

scott

  • 4105

  • 2

AVR ATmega port of freeRTOS

avrfreertos

ssekim

  • 3660

  • 1