Bitlocker RRS feed

  • Question

  •  If I were to use Bitlocker on a 2008 web and database server, would I be able to connect as ususal from an XP workstation. (My thought was yes, of course.) And will bitlocker slow down the DB & web service running on the server.  The server is TPM compliant and attached to the same AD as the XP workstation.
    Wednesday, November 26, 2008 3:13 PM


  • Good morning Tim.

    You are correct concerning client connectivity. Here several references for BitLocker / deployment, with flowcharts, and so on:

    BitLocker Drive Encryption Technical Overview

    Description of the BitLocker Drive Preparation Tool

    Indeed, BitLocker does have an impact on disk access throughput; the tradeoff, is, of course, between efficiency and security. The below paper (published by Microsoft) has the information your are seeking.

    AES-CBC + Elephant diffuser
    A Disk Encryption Algorithm for Windows Vista

    Our AES implementation uses about 20 cycles/byte for AES-CBC on a a Pentium 4. The
    diffuser takes about 10 cycles/byte. The overall cipher speed is just over 30 cycles per byte,
    including various overhead. This implies that the cipher is faster than the peak data rate
    of a typical disk.

    Our current BitLocker implementation manages to limit the loss of performance to around
    5% averaged over our test cases. Our typical end-user test scenarios show an even smaller
    overhead. This is good enough to allow widespread adoption of this security technology.


    Please let me know if I have adequately answered your questions.

    Bill Wesse
    MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM

    Escalation Engineer
    Thursday, November 27, 2008 1:52 PM