The Sphinx pilot project trialled products from a number of manufacturers with the aim of realising end-to-end security in the public administration sector. Selected workspaces were equipped with chip card readers and security software in the form of plugins. Agreeing to use the manufacturer-neutral standard MailTrusT Version 2 from TeleTrusT Deutschland e.V. ensured that products from different manufacturers could work together with one another.

The keys required were provided within the pilot project's own Public Key Infrastructure (PKI). This infrastructure was set up at the German Federal Office for Information Security and Atos Origin GmbH (formerly: SchlumbergerSema Competence Center Informatik GmbH) and operated for the three-year duration of the project. The PKI comprised three certificate authorities. These issued certificates to ensure the authenticity of the public keys as well as the identity of the owner. The pilot project trialled both centralised and local key generation. The key material was stored on chip cards or diskettes.