P3KI GmbH


Operating since 2014 with a top-notch, international team we're building the next generation of PKI and trust architectures. P3KI's Core technology is based on more than eight years of research, multiple best-of-class thesis works and years of experience in the IT security and software development world. P3KI GmbH is a privately owned subsidiary of berlin-based IT security consultancy Recurity Labs GmbH.

Contact us!
P3KI Timeline

Over a decade in the making!

P3KI Core has been a long time coming: based on research that begun in 2006, two best-of-class diploma theses, and under active development since 2014 by a growing consortium of companies with a headcount crossing thirty.

P3KI Core is the brainchild of the internationally renowned hacker Felix 'FX' Lindner and strongly informed by decades of experience 1, 2, 3, 4, 5, 6, 7 doing cyber security consulting1 for large multi-nationals from the automotive to telecoms sector.

2021-23: Self-Service Accounts for Industrial Control Systems

In colaboration with a large, german chemical company (references upon request) operating internationally, we've successfully presented a system to self-service personalized accounts in accordance with regulations such as IEC 62443 and GMP.

We've showcased cross-airgap functionality enabling easy onboarding of employees and contractors to gain access to a DCS (Distributed Control System).

Self-Service Accounts Product Page

2020-23: SiloHopper

We've developed a novel concept to marry classic PKI with P3KI's web-of-trust to enable seamless permission control delegation across PKI boundaries.

SiloHopper Product Page

2020-23: Decentralized Trust System

In collaboration with the Maritime Connectivity Platform Consortium we've been developing a Decentralized Trust System for international maritime shipping applications.

Decentralized Trust System Product Page

2020: The way ahead

With our partner digital.Wolff we're bringing offline capable authorization to IoT payment terminals.

We've extended our platform support to include the Xtensa Platform (ESP32) as well as WebAssembly (WASM) along side Python 3 bindings.

Work on a Kubernetes integration to allow flexible authorization of large scale Cloud deployments is underway.

We've joined the newly established Trust over IP Foundation to further the standardization effort for decentralized PKI solutions.

2019: Personal Certificates

With this proof of concept we are able to show that it's possible to use P3KI Core to digitize personal certificates, like attestations for having successfully passed a professional welding test. The resulting system is straight forward to use, protects your privacy, and fully supports offline verification for scenarios where you do not have internet connectivity at hand.

2017: Reimplementation in Rust

Due to customer demand for an embedded implementation of P3KI Core, we've decided to move away from Java. After much deliberation we've settled on Rust at a time where MISRA-C and C++ where still state of the art.

Two years later, in mid-2019 we would be proven right in our decision, when even Microsoft hailed Rust as the next big and safe systems programming language.

2016: Autonomous Parking & Driving

With this proof of concept for a large automotive we've outlined the applicability of P3KI to vehicle-to-X scenarios, namely autonomous parking and driving. For this we've developed a table-top demonstrator based on small mobile computers wirelessly communicating with each other.

2015: Inverted PGP Web-of-Trust

As a first proof-of-concept we've shown an alternative approach to how PGP does verification of key material. PGP let's you verify that you trust someone that trusts someone that trusts a given key to be legitimate. However, since you already have a usable key in hand and attesting someone's key at key signing events did not quite scale, this step is rarely taken.

Our prototype turned this around by doing a forward-search of the web-of-trust until it found a trusted key that was directly usable or none at all, making key verification way more robust.

2012: Diploma Thesis

Gregor Kopf, in his diploma thesis, layed the foundation for what would become P3KI two years later. He outlined a distributed, peer-to-peer based, highly flexible alternative PKI approach and wrote the first prototype implementation while working for Recurity Labs1.

2006: ISO 20828

The automotive industry foresaw the need for distributed PKI to address increasingly complex maintenance scenarios as well as vehicle-to-X communication security. The standard itself is heavily influenced by the established tools available at the time (X.509) and several important technical details are noted as outside the scope of the standard.

Nevertheless, ISO 20828 was instrumental in seeding the idea that would later become P3KI Core. Today P3KI Core goes far beyond what ISO 20828 envisioned and solves all its requirements with ease.

1999: RFC 2693

SDSI/SPKI was way ahead of its time and was soon forgotten outside academia. Despite not being aware of SDSI/SPKI during initial development of P3KI Core we've arrived at many a same conclusion. P3KI Core, while not exactly SDSI/SPKI, shares a lot of its spirit.

If you want to learn more, don't hesitate to get in touch with us for a presentation and demo!

Contact us!

Careers at P3KI


P3KI is a young and growing company with many opportunities for first-class developers, security and cryptography experts, operations wizards and the likes.

If you think you've got what it takes to complement our team, get in touch!

Contact us!

Contact us!


+49 (0)157 86882567 (Sales)
+49 (0)711 22051252 (Primary)
+49 (0)30 695399933 (Secondary, Berlin office @ Recurity Labs)

P3KI GmbH c/o Recurity Labs GmbH
Wrangelstr. 4, 10997 Berlin, Germany