Difference between revisions of "BitLocker Disk Encryption"

Revision as of 21:00, 12 February 2009 (view source) Jessek (Talk | contribs) ← Older edit		Revision as of 21:00, 12 February 2009 (view source) Jessek (Talk | contribs) m (→‎See Also) Newer edit →
Line 12:		Line 12:
	== See Also ==		== See Also ==
−	[[BitLocker To Go]]	+	* [[BitLocker To Go]]
−	[[Defeating Whole Disk Encryption]]	+	* [[Defeating Whole Disk Encryption]]
	== External Links ==		== External Links ==

---

Revision as of 21:00, 12 February 2009

BitLocker Disk Encryption is a Microsoft Full Volume Encryption solution first included with the Enterprise and Ultimate editions of Windows Vista.

Contents 1 Indicator 2 Algorithm 3 Recovery Keys 4 See Also 5 External Links

Indicator

Drives protected with BitLocker will have a different signature than the standard NTFS header. Instead, they have in their first sector:

EB 52 90 2D 46 56 45 2D 46 53 2D

or, in ASCII,

eR -FVE-FS-

Algorithm

The program uses either 128 or 256 AES with an elephant diffuser. See the links section for full details.

Recovery Keys

See Also

• BitLocker To Go
• Defeating Whole Disk Encryption

External Links

• Conducting forensic analysis on BitLocker protected volumes was discussed in the paper Implementing BitLocker for Forensic Analysis.
• Wikipedia entry on BitLocker
• Microsoft's Step by Step Guide
• Microsoft Technical Overview
• Microsoft FAQ
• Microsoft Description of the Encryption Algorithm
• Cold Boot Attacks, Full Disk Encryption, and BitLocker