For Windows’ BitLocker drive encryption, performance has been a long-standing pain point, especially as high-speed NVMe drives have become more dominant in the market. Fortunately, Microsoft has taken note and will soon be introducing hardware-accelerated BitLocker drive encryption and decryption on supported hardware, with future updates to Windows 11 24H2 and 25H2. According to Microsoft, Hardware-Accelerated BitLocker will "take advantage of upcoming SoC and CPU capabilities to achieve better performance and security for current and future NVMe drives" by utilizing crypto offloading to an SoC’s dedicated crypto engine.

In addition to speeding up encryption and decryption, Hardware-Accelerated BitLocker will also ease the load placed on the host CPU. Current software-accelerated BitLocker uses about 70% more CPU cycles than hardware-accelerated BitLocker will. Freeing up those CPU cycles can not only increase system performance and responsiveness, but conserve power too.

Those who want to utilize hardware-accelerated BitLocker will be limited to modern and upcoming CPUs that have an onboard cryptographic engine. Initial support for hardware-accelerated BitLocker encryption and decryption will be limited to upcoming Intel Panther Lake (Core Ultra Series 3) CPUs, with "support for other vendors and platforms planned". This means most current-gen and older PCs will not be able to utilize hardware-accelerated BitLocker and enjoy its benefits.

In early benchmarks shown by Microsoft, hardware-accelerated BitLocker seems to significantly increase random read and write performance. It should also improve the security of NVMe drives over software BitLocker, which relies on sometimes-breakable drive-based encryption.


Chris Harper

Christopher Harper is a tech writer with over a decade of experience writing how-tos and news. Off work, he stays sharp with gym time & stylish action games.