BitLocker | EPFL Graph Search

Are you an EPFL student looking for a semester project?

Work with us on data science and visualisation projects, and deploy your project as an app on top of GraphSearch.

BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes. By default, it uses the Advanced Encryption Standard (AES) algorithm in cipher block chaining (CBC) or "xor–encrypt–xor (XEX)-based Tweaked codebook mode with ciphertext Stealing" (XTS) mode with a 128-bit or 256-bit key. CBC is not used over the whole disk; it is applied to each individual sector. BitLocker originated as a part of Microsoft's Next-Generation Secure Computing Base architecture in 2004 as a feature tentatively codenamed "Cornerstone" and was designed to protect information on devices, particularly if a device was lost or stolen. Another feature, titled "Code Integrity Rooting", was designed to validate the integrity of Microsoft Windows boot and system files. When used in conjunction with a compatible Trusted Platform Module (TPM), BitLocker can validate the integrity of boot and system files before decrypting a protected volume; an unsuccessful validation will prohibit access to a protected system. BitLocker was briefly called Secure Startup before Windows Vista's release to manufacturing. BitLocker is available on: Enterprise and Ultimate editions of Windows Vista and Windows 7 Pro and Enterprise editions of Windows 8 and 8.1 Windows Server 2008 and later Pro, Enterprise, and Education editions of Windows 10 Pro, Enterprise, and Education editions of Windows 11 Initially, the graphical BitLocker interface in Windows Vista could only encrypt the operating system volume. Starting with Windows Vista with Service Pack 1 and Windows Server 2008, volumes other than the operating system volume could be encrypted using the graphical tool. Still, some aspects of the BitLocker (such as turning autolocking on or off) had to be managed through a command-line tool called manage-bde.wsf. The version of BitLocker included in Windows 7 and Windows Server 2008 Release 2 adds the ability to encrypt removable drives.

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related concepts (41)

Related lectures (15)

Windows NT

Windows NT is a proprietary graphical operating system produced by Microsoft, the first version of which was released on July 27, 1993. It is a processor-independent, multiprocessing and multi-user operating system. The first version of Windows NT was Windows NT 3.1 and was produced for workstations and server computers. It was a commercially focused operating system intended to complement consumer versions of Windows that were based on MS-DOS (including Windows 1.0 through Windows 3.1x).

Trusted Execution Technology

Intel Trusted Execution Technology (Intel TXT, formerly known as LaGrande Technology) is a computer hardware technology of which the primary goals are: Attestation of the authenticity of a platform and its operating system. Assuring that an authentic operating system starts in a trusted environment, which can then be considered trusted. Provision of a trusted operating system with additional security capabilities not available to an unproven one.

BitLocker

Symmetric Encryption: DES and AES COM-401: Cryptography and security

Explores DES and AES encryption, discussing weak keys, attacks, AES structure, IV importance, and various modes of operation for secure encryption.

Trusted Computing: Information Security and Privacy

Explores trusted computing, confidentiality, side-channel attacks, and mitigation strategies against vulnerabilities in hardware.

Security Protocols and Applications: Introduction COM-506: Student seminar: security protocols and applications

Introduces a seminar where students present on various security topics and emphasizes the importance of correct cryptographic implementations.