Does the TPM affect performance of Windows BitLocker


My question could be silly, but I haven't found confirmations on the topic

Does using a TPM improve Windows BitLocker's performance compared with relying only on PIN/USB/token authentication?

In my case I need to change motherboard to get TPM support, but I won't change the CPU, which is an AMD Phenom II.

To my recollection the answer should be a plain NO, because the TPM acts only as cryptographic storage of keys, and cryptographic operations on the disk's data are done by the CPU, with performance based on hardware encryption acceleration.

That would mean the performance downgrade depends on the ability of the Phenom (or any other CPU) to perform ciphering fast.

This question is not obviously about security. And pre-boot authentication delay (e.g. the time to type the PIN) does not count as performance to me.

Best Answer

  • The TPM is not used during normal encrypted data access operations.

    BitLocker doesn't use the TPM to store the key used to perform the on-the-fly decrypt/encrypt operations that protect data on a BitLocker-encrypted volume. It's a little complicated, but here is a brief explanation of how the relevant keys are used:

    1. Data written to a BitLocker-protected volume is encrypted with a full-volume encryption key (FVEK). This key does not change until BitLocker is completely removed from a volume.
    2. The FVEK is encrypted with the volume master key (VMK) then stored (in its encrypted form) in the volume's metadata.
    3. The VMK in turn is encrypted with one or more protectors, such as a TPM or Recovery key.

    You can combine the TPM with a numeric PIN or with a partial key stored on a USB drive for increased security. Each of these is a form of two-factor authentication. If your computer does not have a compatible TPM chip and BIOS, BitLocker can be configured to store a key protector completely on a USB drive. This is called a startup key. BitLocker can be disabled without decrypting the data; in this case, the VMK is protected only by a new key protector that is stored unencrypted. Note that this clear key allows the system to access the drive as if it were unprotected.

    The following picture displays the reverse process happening when the user authenticates with BitLocker (note that authentication usually means hardware attestation from the TPM).

    Scheme of disk decryption

    It's clear that the TPM's role is to simply "store" an encrypted copy of the VMK, which in turn is used to decrypt the FVEK. It's the FVEK that's used in the actual encryption/decryption process used when data is accessed on the disk.

    More information about this process can be found on TechNet.
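To make the answer's key chain concrete, here is an added example (not code from the answer or from Microsoft's documentation) that models it in Python: a toy HMAC-SHA256 keystream cipher stands in for BitLocker's AES modes, and the TPM is reduced to the secret it releases at boot. Only `unlock()` ever touches a protector; `sector_crypt()`, the steady-state path the question asks about, uses the FVEK alone, so swapping a TPM for a PIN or USB startup key changes nothing on that path.

```python
import hashlib, hmac, secrets
# Constructed model: toy HMAC keystream stands in for AES; the key chain is the point.
def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)

def wrap(kek: bytes, key: bytes) -> bytes:  # encrypt-then-MAC: nonce || ct || tag
    nonce = secrets.token_bytes(16)
    ct = keystream_xor(kek, nonce, key)
    return nonce + ct + hmac.new(kek, nonce + ct, hashlib.sha256).digest()

def unwrap(kek: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(kek, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong protector secret")
    return keystream_xor(kek, nonce, ct)

def new_volume():
    """On-disk metadata holds the FVEK wrapped by the VMK; the VMK lives only in RAM."""
    fvek, vmk = secrets.token_bytes(32), secrets.token_bytes(32)
    return {"fvek_enc": wrap(vmk, fvek), "protectors": {}}, vmk

def add_protector(meta: dict, vmk: bytes, name: str, kek: bytes) -> None:
    """TPM, PIN, USB startup key and recovery key each wrap the same VMK."""
    meta["protectors"][name] = wrap(kek, vmk)

def unlock(meta: dict, name: str, kek: bytes) -> bytes:
    """Boot-time path: protector -> VMK -> FVEK. This is all a TPM contributes."""
    return unwrap(unwrap(kek, meta["protectors"][name]), meta["fvek_enc"])

def sector_crypt(fvek: bytes, lba: int, data: bytes) -> bytes:
    """Steady-state I/O: only the FVEK and the CPU are involved, never the TPM."""
    return keystream_xor(fvek, lba.to_bytes(16, "big"), data)

def demo() -> dict:
    meta, vmk = new_volume()
    tpm_secret, recovery = secrets.token_bytes(32), secrets.token_bytes(32)
    add_protector(meta, vmk, "tpm", tpm_secret)
    add_protector(meta, vmk, "recovery", recovery)
    fvek_tpm, fvek_rec = unlock(meta, "tpm", tpm_secret), unlock(meta, "recovery", recovery)
    ct = sector_crypt(fvek_tpm, 4096, b"sector payload")
    meta["clear_key"] = secrets.token_bytes(32)  # "disabled" BitLocker: key stored unencrypted
    add_protector(meta, vmk, "clear", meta["clear_key"])
    return {"same_fvek": fvek_tpm == fvek_rec,
            "roundtrip": sector_crypt(fvek_rec, 4096, ct) == b"sector payload",
            "clear_unlocks": unlock(meta, "clear", meta["clear_key"]) == fvek_tpm}
```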
