By default the system uses the AES encryption algorithm in CBC mode with a 128-bit or 256-bit key, combined with the "Elephant" diffuser for additional encryption-specific security not provided by AES.
- BitLocker Drive Encryption is a logical volume encryption system.
- A volume may or may not be an entire drive, or it can span one or more physical drives.
- TPM and BitLocker can ensure the integrity of the trusted boot path in order to provent offline physical attacks, boot sector malware, etc.
- At least two NTFS-formatted volumes are required: one for the operating system and another with a minimum 100mb size from which the operating system boots.
No comments:
Post a Comment