Bit locker encryption system is the method of encrypting or shielding a particular drive in a computer by means of a bitlocker password to prevent unauthorized access of the data. By using Bit Locker the entire drive is protected. By default it uses the AES encryption algorithm in CBC mode with a 128-bit or 256-bit key, combined with the “Elephant diffuser” (Microsoft removed Elephant Diffuser from Windows 8 for some unknown reasons. But there were conjectures that it was done on request of NSA). The Elephant diffuser is there for providing additional disk encryption-specific security that is in general not given by AES. However CBC is not used over the whole disk, only for each individual disk sector. The following tutorial will help you enable Bitlocker drive encryption method and cipher strength in Windows 8.1
Steps to Choose BitLocker Drive Encryption Method and Cipher Strength in Windows 8.1
1. Press Windows + R to open Run window and type gepedit.msc and click Enter.
2. Now go to the following location Computer Configuration-> Administrative Templates-> Windows Components-> BitLocker Drive Encryption.
3. Double click on Choose drive encryption method and cipher strength to edit it. Check the option Enable and select the encryption method as AES 128 bit. Close Local Group Policy Editor.
I’m curious where you learned that NSA asked for the removal of the Diffuser option. Can you share a reference?
classified