Microsoft Says New Hardware BitLocker Will Nearly Double Windows Storage Performance — But Only on Next-Gen CPUs
After enforcing slower software-based encryption in Windows 11, Microsoft now promises faster SSD speeds, lower CPU usage, and better battery life through hardware-accelerated BitLocker — if you buy new hardware.
Microsoft has unveiled a new hardware-accelerated BitLocker implementation designed to dramatically improve Windows storage performance and efficiency. The update, first announced at Ignite 2025, is now included in Windows 11 25H2 and Windows Server 2025 (September Update).
The company claims the new approach can nearly double storage performance in certain workloads, reversing the performance hit caused by Microsoft’s decision to enable software-based BitLocker encryption by default in recent Windows versions.
Why BitLocker Slowed Down Windows in the First Place
On fresh installs of Windows 11 Pro, BitLocker encryption is enabled automatically and handled entirely by software running on the CPU. Internal testing and Microsoft documentation show this can reduce SSD performance by up to 45%, particularly during heavy read and write operations.
While many modern SSDs already support hardware-based encryption (such as TCG Opal–compliant drives), Microsoft made it difficult for users to take advantage of that capability. As a result:
Encryption workloads were forced onto the CPU
Storage performance dropped noticeably
Battery life suffered, especially on laptops
New CPU-Based Crypto Offload Changes the Equation
Rather than reverting to SSD-based encryption by default, Microsoft is now introducing a CPU-level cryptography accelerator built into upcoming processors. This dedicated hardware handles encryption and decryption tasks without burdening general-purpose CPU cores.
Key improvements include:
Hardware crypto offloading for BitLocker
Up to 70% fewer CPU cycles used during encryption tasks
Faster sequential and random SSD performance
Improved power efficiency and battery life
The update also integrates UFS Inline Crypto Engine support, further reducing I/O overhead in supported systems.
Limited Availability: New CPUs Required
The catch? Hardware-accelerated BitLocker requires new processors.
At launch, support is limited to:
Intel vPro platforms
Upcoming Intel Core Ultra Series 3 “Panther Lake” CPUs
Microsoft says broader support is planned, but current systems — even high-end PCs — will not benefit from the new acceleration.
Stronger Security With Less Overhead
Beyond performance, Microsoft is also enhancing security. On supported SoCs:
BitLocker keys can be hardware-wrapped
Encryption is isolated from system memory
Exposure to CPU and RAM-based attacks is reduced
According to Microsoft’s Rafal Sosnowski, supported devices with NVMe storage and compatible SoCs will automatically use XTS-AES-256 hardware-accelerated BitLocker across automatic, manual, policy-driven, and scripted deployments.
What This Means for Windows Users
New PCs with next-gen CPUs will see major storage and battery gains
Existing Windows 11 systems remain stuck with slower software encryption
Microsoft is effectively fixing a performance problem it created, but only for future hardware
For now, users looking for faster BitLocker performance may still need to navigate complex configuration steps — or wait for their next PC upgrade.
0 Comments