Skip to main content


For a VM image to successfully integrate into the tiCrypt environment, the VM image must run correctly the tiCrypt VM Controller and register the VM with the tiCrypt infrastructure. Failure to do so will result in the VM being killed by the tiCrypt backend for security reasons.

In the rest of the document, we’ll use the following terms:

A virtual machine that emulates real hardware such as CPUs and drives, and will boot from a VM Image.

VM Image
The boot drive of a VM. It provides the base operating system, fully installed, and set up.

VM Brick
The tiCrypt specification of hardware setup and a VM Image

Universal unique identifier, an ID that is guaranteed to be unique

A continuous, long-running communication channel to a web server.

Windows full disk encryption

Linux full disk encryption

tiCrypt Stub
Program running on the VM that bootstraps the tiCrypt security mechanism. It also watches and restarts the tiCrypt VM Controller in case of crashes or updates

tiCrypt VM Controller
Program running on the VM that controls the VM on behalf of the user and ensures/enforces all the security mechanisms

tiCrypt Controller Server
tiCrypt component that provides the global configuration file and the latest version of the tiCrypt VM Controller.