Encrypted Future: Microsoft Revamps BitLocker for Speed

Microsoft has announced hardware acceleration for BitLocker encryption in Windows that promises to make it significantly faster. Existing PCs won’t benefit immediately, because the improvements depend on future hardware. Starting with the September 2025 update of Windows 11 24H2 and continuing with the release of Windows 11 25H2, BitLocker will use capabilities in future SoCs and CPUs to improve performance and security for both current and future NVMe drives.

Hardware-accelerated BitLocker encryption will be supported by processors debuting in 2026 and requires a dedicated cryptographic engine. This engine will handle AES-XTS-256 encryption processing, offloading the work from the CPU’s main cores. Initially, the new feature will target Intel’s vPro platforms with upcoming Core Ultra Series 300 processors. However, Microsoft aims to expand support to additional manufacturers.

Key advancements include:

  • Cryptographic Offloading – BitLocker transfers core cryptographic operations from the main CPU to a dedicated cryptographic engine. This shift frees CPU resources for other tasks, enhancing both performance and battery life.
  • Hardware-Protected Keys – BitLocker’s bulk encryption keys are hardware-protected, provided the SoC supports it. This boosts security by reducing exposure to CPU and memory attacks. It complements the already supported Trusted Platform Module (TPM), which safeguards intermediate BitLocker keys, so that BitLocker keys are not used in the CPU and memory at all.

Performance data indicate that sequential read and write speeds are similar between software and hardware approaches. However, with random operations involving 4K block sizes, hardware acceleration shows significant improvement. In RND4K Q32T1 read-and-write tests, BitLocker hardware acceleration performs 2.3 times faster. For single-queue random read operations, hardware encryption is approximately 40% quicker, and for single-queue random write operations, about 2.1 times faster.

It’s noteworthy that last year, Microsoft enabled default BitLocker encryption for all Windows 11 versions, which adversely affected SSD performance. Remember, just yesterday we explained how to manually activate native NVMe support in Windows 11.
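
Added example, not from Microsoft or the original article: a Python parser for `manage-bde -status` output that inventories which volumes already use XTS-AES 256, the algorithm the article says the engine handles, and which have protection turned off. The sample output is constructed and abridged, and treating XTS-AES 256 as the target method is an assumption of this example, not a requirement stated in the article.

```python
import re

# Constructed, abridged sample of `manage-bde -status` output (not from a real host).
SAMPLE_STATUS = """\
Volume C: [OS]
    Encryption Method:    XTS-AES 128
    Protection Status:    Protection On
    Key Protectors:
        TPM
        Numeric Password

Volume D: [Data]
    Encryption Method:    XTS-AES 256
    Protection Status:    Protection Off
    Key Protectors:
        Numeric Password
"""

TARGET_METHOD = "XTS-AES 256"  # assumption: the algorithm the article names

def parse_status(text):
    """Return {drive: fields} with 'Key Protectors' collected as a list."""
    volumes, current, in_protectors = {}, None, False
    for line in text.splitlines():
        header = re.match(r"Volume ([A-Z]:)", line)
        if header:  # start of a new volume block
            current = volumes.setdefault(header.group(1), {"Key Protectors": []})
            in_protectors = False
        elif current is None or not line.strip():
            continue  # banner text or blank separator
        elif line.strip().startswith("Key Protectors:"):
            in_protectors = True  # protector names follow, one per line
        elif in_protectors:
            current["Key Protectors"].append(line.strip())
        elif ":" in line:
            key, value = line.split(":", 1)
            current[key.strip()] = value.strip()
    return volumes

def audit(volumes):
    """Return (drive, issue) pairs for volumes that need attention."""
    findings = []
    for drive, info in sorted(volumes.items()):
        method = info.get("Encryption Method", "unknown")
        if method != TARGET_METHOD:
            findings.append((drive, "method is " + method))
        if info.get("Protection Status") != "Protection On":
            findings.append((drive, "protection is not on"))
    return findings
```

On a real host, feed `parse_status` the text captured from an elevated `manage-bde -status` run instead of `SAMPLE_STATUS`.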

Casey Reed
