Each file, resource, and drive is encrypted using a unique AES-256 key. The public key infrastructure is leveraged to manage these keys securely. Individual keys ensure confinement and manageability.

Files and communication messages are end-to-end encrypted; at no point are files and keys stored unencrypted on the server. Data is encrypted and decrypted only on the users’ desktops or controlled virtual machines.

All security mechanisms in tiCrypt are based on the use of a RSA-2048 public-private key pair for each user.

Each file and resource is independently encrypted with a unique AES-256 key fully under user control. No key means no data access, even for admins. AES keys are managed using the user’s public RSA key.