The wolfSSL embedded SSL/TLS library has added the option for using ECDHE-PSK cipher suites. This opens up using the small memory size ECC keys with PSK on embedded devices.
PSK (pre shared keys) is a viable option when controlling both ends of the connection. It allows for saving memory and computation time when performing a TLS handshake. Adding ECDHE gives the cipher suite perfect forward secrecy with using an ephemeral ECC key during the TLS handshake. Previously wolfSSL had DHE-PSK cipher suites but using ECDHE-PSK cipher suites will save even more memory, beneficial in resource-constrained, IoT devices.
The ECDHE-PSK cipher suites available to users include:
ECDHE-PSK-NULL-SHA256
ECDHE-PSK-AES128-CBC-SHA256
ECDHE-PSK-CHACHA20-POLY1305