BitLocker

BitLocker is a drive encryption technology introduced by Microsoft in its Windows Vista Operating System.

Default Configuration
BitLocker is off by default on a clean RTM install of the Windows Vista Ultimate Operating System.

OEM Default Configurations
There are no known configurations of OEM machines with BitLocker enabled by default.

Hardware Requirements

 * Two NTFS drive partitions.
 * For TPM:
   * Trusted Platform Module (TPM) microchip, version 1.2, turned on.
   * Trusted Computing Group (TCG)-compliant BIOS.
 * For non-TPM:
   * USB flash drive.
   * A BIOS that can read and write to a USB flash drive.

Software Requirements
BitLocker will be available in Windows Vista Ultimate and Windows Vista Enterprise versions only.

Modes
TODO TPM (Trusted Platform Module) USB Memory Stick

Back doors
There is no plan to implement back-door access in BitLocker.

Detection using WMI
To detect BitLocker or a TPM, you can use the Security WMI Providers. The reference page has links to both the BitLocker provider and the TPM provider. Search for "Security WMI Providers Reference" if the link no longer works. As an example, the "GetEncryptionMethod" method of Win32_EncryptableVolume on the BitLocker provider indicates the encryption algorithm and key size used on the volume.

Detection Without WMI
When you need to detect BitLocker from a different Operating System, you can look at the BIOS Parameter Block (BPB) which is located in the first bytes of the first sector of the volume. The 8 bytes starting at offset 3 should be "-FVE-FS-". Further information can be found on the System Integrity Team Blog.
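The signature check described above, as an added example that is not part of the original page: it reads the 8-byte OEM ID at offset 3 of the first sector and classifies the volume as BitLocker ("-FVE-FS-"), plain NTFS ("NTFS    ") or unknown. The sample sectors are constructed for the demonstration; `classify_device` assumes a raw device or image path such as `/dev/sdb1`.

```python
# Added example (not from the original page): classify a volume's first sector
# by the 8-byte OEM ID at offset 3 of the BIOS Parameter Block.  A BitLocker
# volume carries "-FVE-FS-" there; a plain NTFS volume carries "NTFS    ".
BITLOCKER_OEM_ID = b"-FVE-FS-"
NTFS_OEM_ID = b"NTFS    "
OEM_ID_OFFSET = 3
OEM_ID_LENGTH = 8
SECTOR_SIZE = 512


def read_oem_id(sector: bytes) -> bytes:
    """Return the 8-byte OEM ID from a boot sector; raise if the buffer is too short."""
    if len(sector) < OEM_ID_OFFSET + OEM_ID_LENGTH:
        raise ValueError("boot sector too short to contain an OEM ID")
    return sector[OEM_ID_OFFSET:OEM_ID_OFFSET + OEM_ID_LENGTH]


def classify_volume(sector: bytes) -> str:
    """Classify the first sector of a volume as 'bitlocker', 'ntfs' or 'unknown'."""
    oem_id = read_oem_id(sector)
    if oem_id == BITLOCKER_OEM_ID:
        return "bitlocker"
    if oem_id == NTFS_OEM_ID:
        return "ntfs"
    return "unknown"


def classify_device(path: str) -> str:
    """Read the first sector of a raw device or image file (hypothetical path) and classify it."""
    with open(path, "rb") as fh:
        return classify_volume(fh.read(SECTOR_SIZE))


def make_sample_sector(oem_id: bytes) -> bytes:
    """Build a constructed 512-byte boot sector: short jump, OEM ID, zeroed BPB, 0x55AA trailer."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:3] = b"\xEB\x52\x90"                 # x86 short jump + NOP, as boot sectors begin
    sector[OEM_ID_OFFSET:OEM_ID_OFFSET + OEM_ID_LENGTH] = oem_id
    sector[510:512] = b"\x55\xAA"                 # boot sector signature
    return bytes(sector)


if __name__ == "__main__":
    samples = (("BitLocker", make_sample_sector(BITLOCKER_OEM_ID)),
               ("NTFS", make_sample_sector(NTFS_OEM_ID)),
               ("FAT-style", make_sample_sector(b"MSDOS5.0")))
    for label, sector in samples:
        print(f"{label:10s} -> {classify_volume(sector)}")
```

Run as root against a block device (`classify_device("/dev/sdb1")`) to test a live volume; the result "bitlocker" only tells you the volume is BitLocker-formatted, not which protectors are in use.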

Algorithm
The BitLocker cryptographic algorithm has been published.