Future-compatible decentralized PKI

Easy & secure access delegation: online, offline, everywhere!


The Gist

P3KI is the next generation of Public-Key Infrastructure (PKI).

We offer flexible and arbitrarily precise expression of permission levels with first-class support for mathematically proven delegation to solve authorization and authentication challenges.

Everything is verifiable even in offline scenarios; without any central infrastructure being required.

P3KI's technology augments existing protocols and services and offers a solid base for new designs.

Offline-Capable & Decentralized

Our technology offers real decentralization, not the misleading "we're highly redundant" kind of distribution.

From the day the idea was born, we designed our solution to be 100% capable of operating without any kind of central infrastructure. You can model systems comprised of distributed, fully autonomous nodes that only communicate occasionally with a random selection of their peers.

A strongly decentralized system automatically has to be fault tolerant with regards to the availability of inter-node communication connections. Split networks, nodes only occasionally able to communicate, and nodes without network connectivity are the norm in such scenarios. P3KI's technology is designed to not only cope with these scenarios but excel at modeling them.

You can of course still model centralized systems if that's what you need.

Risk Manager's Best Friend

Access delegations between devices can be expressed with arbitrary, scenario specific expressions. This means that access is delegated not wholesale but to exact specifications and requirements.

This has two added benefits:

  1. Up front, risk management can determine the exact permission levels delegated between any arbitrary selection of devices and services, making the risk manager's job significantly easier and more precise.
  2. Should a device get compromised, the worst that could happen is what the specific device was trusted with, which is usually just exactly what that specific device needed to do and nothing else. Other solutions use generic or coarsely specified certificates that lead to higher threat impact.

P3KI's solution offers better up front risk management capabilities and also greatly reduced possibilities of lateral movement in cases of compromise.

Our Partners