Cost Efficiency

High Availability for Next to Nothing

Using P3KI Core with a P2P backend enables you to ensure high availability using commodity hardware or cloud instances.

No Updating Certificates on Devices

P3KI Core allows you to update or revoke premissions without the need to update certificates on your devices. No more update rollout plans, product recalls and expensive field-fixes.
Updating permissions is effectively free.

No Central Infrastructure

No need to run central servers to keep your system alive. If you need to scale up, simply start more P2P instances either using commodity hardware or cloud instances. There's no security requirements for P2P instances, so you can run them wherever you like.

Reduced Admin Workload

Without the need to monitor and maintain central infrastructure for your PKI, you've got more time to deal with other aspects of your job.


No Central Infrastructure

No need to have central servers for running operations or handling services like CRL or OCSP thus drastically reducing attack surface.

Peer-to-Peer Backend

The recommended backend for running P3KI Core gives you distributed and resilient storage while being very hard to attack. P3KI Core uses protocols that have already proven themselves in large scale deployments like the BitTorrent network.


P3KI Core establishes a web of trust between participants in the network. This localizes the effect compromised nodes have on the whole network and makes migration and recovery a breeze.


Model Trust with Arbitrary Granularity

Trust within the P3KI Core Trust Network is expressed using scenario specific TPLs. This enables you to model exactly to the challenge you're facing. TPLs can be as coarse or fine as your task demands.

Storage Agnostic

Resilient P2P, central database, or operating totally offline. The choice is entirely yours, P3KI Core will do your bidding.

Authorization, Authentication, Identity

Model flexible systems able to delegate permissions in a fully controlled manner to implement authorization schemes or limit access to specifically authenticated individuals. All this is possible with P3KI Core.


Square peg, round hole is a thing of the past. P3KI Core can be molded to perfectly fit your application.


Proven Security

All access delegations published to the network are protected by signatures created using proven signature schemes. This ensures data can neither be forged nor changed. A formal security proof exists, proving we're as secure as the underlying crypto primitives.

Security Independent of Backend

P3KI Core is resilient to attacks on the backend or even rogue elements being part of the backend. This holds true independent of the actual backend used (P2P, database, offline). You can easily host access delegation data in the cloud without having to fear for your data being forged or modified.

Open Source

Trust architecture and security software in general that is not open source so its code can be inspect cannot be trustworthy. This is why we'll release P3KI Core under a permissive open source license once it proved itself in extended field tests.