Microsoft has introduced a groundbreaking hardware-accelerated BitLocker encryption system for Windows 11, marking a significant shift in how cryptographic operations are handled. This new approach transfers the encryption workload from software to dedicated accelerator units that will be integrated into future CPU microarchitectures. Historically, the software-based BitLocker in Windows 11 has led to considerable performance issues, with the average number of cycles per I/O soaring from approximately 400,000 cycles to around 1.9 million cycles—a staggering 375% increase. Such a rise has resulted in notable storage performance degradation.
Performance Enhancements with Hardware Acceleration
Announced at Ignite 2025 in November, the new hardware acceleration is now available in Windows 11 version 25H2 and Windows Server 2025 following the September update. Initial testing reveals that certain workloads can achieve double the storage performance while simultaneously reducing CPU usage by over 70%. This innovative system offloads AES-XTS-256 encryption processing from the main processor to a fixed-function cryptography engine embedded within the system on chip (SoC). Furthermore, encryption keys are hardware-wrapped, bolstering security against potential memory-based attacks.
The initial rollout will focus on Intel vPro platforms featuring the upcoming Core Ultra Series 3 “Panther Lake” processors, with plans to extend support to other vendors in the future. Performance data indicates that while sequential read and write speeds remain comparable between software and hardware approaches, the random 4K operations exhibit remarkable improvements with hardware acceleration. In RND4K Q32T1 read and write tests, hardware-accelerated BitLocker is found to be 2.3 times faster. For single-queue random reads, hardware-based encryption demonstrates a speed increase of approximately 40%, while single-queue random writes are about 2.1 times faster.
These findings underscore the substantial enhancements in small-block random performance brought about by hardware-based acceleration. Given that modern multitasking relies heavily on these random access patterns, the previous software-only implementation’s slowdowns become more understandable. Microsoft’s latest innovation not only addresses past performance issues but also sets a new standard for encryption efficiency in the evolving landscape of computing.
