BitLocker uses the AES encryption algorithm in cipher block chaining (CBC) mode with a 128-bit key, combined with the Elephant diffuser for additional disk-encryption-specific security not provided by AES.
The application works by encrypting a disk partition; that partition can be located on the system or on a removable device. If you are using BitLocker to secure your system's hard drive, for example, it will create a system partition (which contains the files needed to start your computer) and an operating system partition, which contains your applications, data and Windows. The operating system partition will be encrypted and the system partition will remain unencrypted so your computer can start.

BitLocker reaches its full potential on computers equipped with a Trusted Platform Module (TPM). BitLocker can use either transparent operation mode (where the TPM automates key entry) or a user authentication mode (where the user must manually input a password). The TPM hardware detects any unauthorized changes to the pre-boot environment, including to the BIOS and master boot record (MBR). If any unauthorized changes are detected, BitLocker requests a recovery key on a USB device or a recovery password entered by hand. Either of these cryptographic secrets will decrypt the Volume Master Key (VMK) and allow the bootup process to continue.
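
A simplified Python model of the boot flow described above, added here as an illustration and not BitLocker's or Microsoft's code: pre-boot components are hashed into a platform configuration register (PCR), the VMK is released only when the measurement matches, and a recovery password unlocks a second wrapped copy of the VMK. The XOR-and-HMAC wrap, the `chip_secret` value, the SHA-256 PCR, the sample boot chain and all function names are assumptions of this sketch; a real TPM performs sealing inside the chip.

```python
import hashlib, hmac, os

def extend(pcr, component):
    # TPM-style extend: new PCR = H(old PCR || H(component))
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(components):
    pcr = bytes(32)                      # the PCR starts at all zeros on reset
    for c in components:
        pcr = extend(pcr, c)
    return pcr

def wrap(key, secret):
    # Toy authenticated wrap (XOR pad + HMAC tag), standing in for real key wrapping
    pad = hashlib.sha256(b"pad" + key).digest()
    blob = bytes(a ^ b for a, b in zip(secret, pad))
    return blob + hmac.new(key, blob, "sha256").digest()

def unwrap(key, wrapped):
    blob, tag = wrapped[:-32], wrapped[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, blob, "sha256").digest()):
        return None                      # wrong key: nothing is released
    pad = hashlib.sha256(b"pad" + key).digest()
    return bytes(a ^ b for a, b in zip(blob, pad))

def tpm_key(chip_secret, pcr):
    # Model of sealing: the key depends on a chip-internal secret and the PCR value
    return hashlib.sha256(chip_secret + pcr).digest()

def recovery_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def protect_volume(chip_secret, good_boot, password):
    vmk, salt = os.urandom(32), os.urandom(16)
    sealed = wrap(tpm_key(chip_secret, measure_boot(good_boot)), vmk)
    recovery = wrap(recovery_key(password, salt), vmk)
    return vmk, {"tpm": sealed, "salt": salt, "recovery": recovery}

def boot(chip_secret, volume, components, password=None):
    vmk = unwrap(tpm_key(chip_secret, measure_boot(components)), volume["tpm"])
    if vmk is not None:
        return "transparent", vmk
    if password is not None:
        vmk = unwrap(recovery_key(password, volume["salt"]), volume["recovery"])
    return ("recovery", vmk) if vmk is not None else ("recovery-required", None)

# Constructed sample boot chain (labels only, not real firmware images)
GOOD = [b"BIOS v1", b"MBR v1", b"boot manager v1"]
TAMPERED = [b"BIOS v1", b"MBR modified", b"boot manager v1"]
```

Because each extend hashes the previous PCR value, a change to any single component, or to the order of components, yields a different final measurement and the sealed copy of the VMK stays locked.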

BitLocker offers additional protection in the form of BitLocker To Go, an encryption option that can be used with removable media.

