Forward-looking: Originally introduced with Windows Vista in 2006, BitLocker is Microsoft's own solution for managing fully encrypted volumes and storage units. The technology is also notorious for having some reliability, performance, and security issues, but Redmond is now working to fix all these problems at once - provided you are willing to buy some new PC hardware.
Microsoft will soon start "accelerating" input/output (I/O) operations for BitLocker-encrypted volumes on PC systems with compatible hardware components. The company initially introduced the change at the Ignite conference last month, and has now provided some important details about how hardware-accelerated encryption will actually work.
According to Microsoft's Rafal Sosnowski, hardware-accelerated BitLocker solutions are designed to bring a significant improvement in performance and security for encrypted setups. The technology is allegedly going to counter issues emerging with newer Non-Volatile Memory Express (NVMe) storage technology, which can achieve much higher I/O performance levels.
A modern NVMe SSD can quickly move massive amounts of data and files around, pushing BitLocker encryption algorithms to require a higher number of CPU cycles as a consequence. If not properly optimized, Sosnowski said, this additional overhead may become a significant issue in specific applications.
Microsoft quotes professional video editing on large clip files, compilation of massive codebases, and gaming as some of the storage scenarios that may be affected by this potential computational overhead. Hardware acceleration will allegedly help BitLocker reduce its performance impact, offloading the bulk of its cryptographic operations from the main CPU to a dedicated "crypto engine" in the SoC. Furthermore, the feature will also shield encryption keys from external prying eyes with a proper hardware wrapping procedure.
The software components of BitLockeracceleration are already available in Windows 11, starting with the September 2025 update (24H2) and Windows 11 25H2. However, the feature is currently only supported on Intel vPro systems based on the upcoming Core Ultra Series 3 CPUs, but Microsoft is looking into extending support to other vendors and processor platforms.
Microsoft explains that by offloading encryption operations to a dedicated SoC component, BitLocker can achieve some truly eye-opening performance improvements. A hardware-accelerated BitLocker volume is allegedly as fast as an NVMe drive without BitLocker encryption, while the number of CPU cycles required for I/O management is orders of magnitude lower when compared to software-based encryption.
The company said that customers interested in using hardware-accelerated encryption must comply with some specific prerequisites. The feature will only work when volumes are encrypted with the XTS-AES-256 algorithm, and eventually other algorithms supported by the SoC vendor. Furthermore, IT administrators can proactively customize or disable the feature through specific enterprise policies.