tiCrypt Documentation
tiCrypt is a secure research platform that provides encrypted file storage (the Vault), isolated virtual machines, and a tamper-evident audit trail. It is designed for universities, national labs, and federal research institutions that handle regulated data such as Controlled Unclassified Information (CUI). The platform uses a zero-knowledge architecture: all encryption and decryption happen on the user's device, so the server infrastructure never holds encryption keys or plaintext data.
Core Architecture
Every file is encrypted with AES-256 before leaving the user's device. Virtual machines run on isolated infrastructure with encrypted drives. All operations are recorded in a tamper-evident, hash-chained audit log. Administrators manage users, teams, and resources but cannot access user data.
This documentation covers installation, configuration, usage, and administration of tiCrypt.
Where to Start
| If you are a... | Start here | What you'll find |
|---|---|---|
| New user | User Training | Install the Connect Application, register your account, and start working in tiCrypt |
| Researcher | User Guide | Working with files, virtual machines, Slurm batch processing, and account settings |
| Administrator | Admin Guide | Managing users, teams, projects, audit logs, and key escrow |
| System administrator | System Administration | Deploying the tiCrypt backend, configuring services, and preparing VM images |
| Security evaluator | Security Whitepaper | Technical overview of tiCrypt's security architecture and cryptographic implementation |
Additional Resources
- Articles: deep dives into tiCrypt's architecture and technical capabilities
- Release Notes: version history for all tiCrypt components
- User Roles: role permissions and scope