BitLocker Drive Encryption is a data protection specification developed by Microsoft that provides partition encryption.
BitLocker is included in the Enterprise and Ultimate versions of Windows Vista1, in all editions of Windows Server 2008 and Windows Server 2008 R2 except the Itanium edition, in the Enterprise and Ultimate editions of Windows 7, and finally in the Professional and Windows 8, 8.1 and Windows 10 enterprise.
BitLocker provides three operation modes2. The first two modes require a cryptographic hardware component called Trusted Platform Module (TPM) (version 1.2 or higher) and of course a compatible BIOS:
Transparent operation mode: Transparent operation mode; the user does not have to identify himself during the pre-boot phase (before running the BIOS);
User authentication mode: This mode requires the user to identify himself (for example with a USB device). The third mode does not require a hardware component TPM:
USB-Key: this requires access to a USB device is possible BEFORE loading the operating system (it is a constraint on the BIOS)
For BitLocker to work, the disk must contain at least two NTFS formatted partitions:
system volume with at least 1.5 gigabytes;
the boot volume that contains Vista, 7, 8.1 Pro.
Since version 1511 of Windows 10 bitLocker supports XTS-AES 128 keys