[kjs3]

One of the specific design requirements for the AES competition is that it could be used in embedded systems, which at the time was synonymous with 8-bits and limited memory. There are AES candidate 'reference' implementation floating around for the original AES bakeoff (that Rijndael eventually won) running in a couple of KB of memory for the 8051 and mc6805, for example, and I know of at least one PIC version of AES in use. There's probably tons of other examples; given how well documented the algorithm is, it's one of those things a lot of people probably take a swing at.

Now...this is obviously for sending small amounts of data at low (very) bit rates 'securely', not modern web or streaming or anything fun like that. And my understanding is that the real killer in trying to do something like TLS on such small platforms is the key generation/exchange/management part. YMMV.