Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: BitLocker Drive Encryption - Change Encryption Method and Cipher Strength


BitLocker Drive Encryption - Change Encryption Method and Cipher Strength

How to Change Windows 7 BitLocker Drive Encryption Method and Cipher Strength
Published by Brink
27 Feb 2009
Published by

How to Change Windows 7 BitLocker Drive Encryption Method and Cipher Strength


information   Information
This will show you how to change the encryption algorithm and key cipher strength used by BitLocker to encrypt drives in Windows 7.
Note   Note
BitLocker Drive Encryption supports 128-bit and 256-bit encryption keys. Longer encryption keys provide a more enhanced level of security and are less likely to be successfully attacked by the use of brute-force methods. However, longer keys can cause slower encryption and decryption of data. On some computers, using longer keys might result in noticeable performance degradation. In addition, BitLocker supports a Diffuser algorithm to help protect the system against ciphertext manipulation attacks, a class of attacks in which changes are made to the encrypted data in an attempt to discover patterns or weaknesses.

By default, Windows 7 BitLocker Drive Encryption uses AES encryption with 128-bit encryption keys and Diffuser.
warning   Warning
BitLocker is only available in the Windows 7 Ultimate and Enterprise editions.

This setting is applied when you turn on BitLocker. Changing the encryption method has no effect if the drive is already encrypted or if encryption is currently in progress. The encryption method must be changed before you encrypt the drive with BitLocker for the method you selected can be used on the drive.





OPTION ONE
Through Local Group Policy Editor
1. Open the Local Group Policy Editor.

2. In the left pane, click on to expand Computer Configuration, Administrative Templates, Windows Components, and BitLocker Drive Encryption. (See screenshot below)
-group_policy.jpg
3. In the right pane, right click on Choose drive encryption method and cipher strength and click on Edit. (See screenshot above)

4. To Use the Default AES 128-bit with Diffuser Method
NOTE: You can also select this in step 5 as well.
A) Select (dot) either Not Configured or Disabled. (See screenshot below step 6)

B) Go to step 6.
5. To Change the Default Encryption Method
A) Select (dot) Enabled. (See screenshot below step 6)


B) Under the Options section, select the encryption method you want BitLocker to use to encrypt drive with. (See screenshot below step 6)
  • AES 128-bit with Diffuser (default)
  • AES 256-bit with Diffuser
  • AES 128-bit
  • AES 256-bit
6. Click on OK. (See screenshot below)
Name:  Properties.jpg
Views: 7379
Size:  230.1 KB
7. Close the Local Group Policy Editor window.



OPTION TWO
Using a REG file Download
1. To Use AES 128-bit with Diffuser (default)
A) Click on the Download button below to download the file below.
AES_128-bit_with_Diffuser.zip
download
B) Go to step 5.
2. To Use AES 256-bit with Diffuser
A) Click on the Download button below to download the file below.
AES_256-bit_with_Diffuser.zip
download
B) Go to step 5.
3. To Use AES 128-bit
A) Click on the Download button below to download the file below.
AES_128-bit.zip

download
B) Go to step 5.
4. To Use AES 256-bit
A) Click on the Download button below to download the file below.
AES_256-bit.zip
download
5. Save the .zip file to the desktop.

6. Open the .zip file and extract the .reg file to the desktop.

7. Right click on the downloaded .reg file and click on Merge.

8. Click on Run, Yes, Yes, and OK when prompted.

9. Log off and log on, or restart the computer to apply.

10. When done, you can delete the downloaded .reg and .zip files on the desktop if you like.
That's it,
Shawn





Comment

 BitLocker Drive Encryption - Change Encryption Method and Cipher Strength




Tutorial Tools






Similar help and support threads
Windows 7 Tutorial Category
BitLocker Drive Encryption - BitLocker To Go - Turn On or Off
How to Turn Windows 7 BitLocker To Go On or Off for Removable Drives BitLocker To Go is used to encrypt and password protect any removable external hard drives and USB flash drives. The drives must be formatted using either the exFAT, FAT16, FAT32, or NTFS file system and must be at least...
Tutorials
Help me !! bitlocker drive encryption
can somebody help i use the bitlocker drive encryption and i freeze it in 80% encryption and now i can't access my USB flash drive i try to format it and it's always say "windows was unable to complete the format" my USB flash drive is protect by bitlocker drive encryption when i unlock my USB...
System Security
BitLocker Drive Encryption Shortcut - Create
How to Create a Windows 7 "BitLocker Drive Encryption" Shortcut This will show you how to create or download a BitLocker Drive Encryption shortcut. You can also Pin to Taskbar or Pin to Start Menu this shortcut, or move where you like in Windows 7 for easy use.You can use BitLocker Drive...
Tutorials
BitLocker Drive Encryption Without Ultimate
I like to get my OS to be genuine. But, I only qualify for a Home Upgrade. Anyone know of a way to still use this feature? Without having Ultimate?
System Security
Bitlocker Drive Encryption using USB
Hi, I have been having some issues when trying to turn Bitlocker on in C: I have followed the instructions as per this forum to enable a Startup key in gpedit.msc as I dont have TPM which worked. After following the instructions, Windows Bitlocker asked me to insert a USB to save the...
System Security
BitLocker Drive Encryption
While using BitLocker Drive Encryption feature, i selected the settings for using the USB to store the security key. But, once I restarted my PC, BitLocker didn't recognized the USB and went into recovery mode. Can anyone suggest as to why the USB key was not taken into consideration?
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:40.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App