What is the difference between BitLocker Drive Encryption 128-bit and 256-bit encryption?
Windows BitLocker Drive Encryption supports 128-bit and 256-bit encryption keys. Longer encryption keys provide an enhanced level of security and are less likely to be successfully attacked by the use of brute-force methods. However, longer keys can cause slower encryption and decryption of data. On some computers, using longer keys might result in noticeable performance degradation. You can change the length of the encryption key used by BitLocker through Group Policy.
In addition, BitLocker supports a Diffuser algorithm to help protect the system against ciphertext manipulation attacks, a class of attacks in which changes are made to the encrypted data in an attempt to discover patterns or weaknesses.
In this version of Windows, by default, BitLocker uses AES encryption, with 128-bit encryption keys and Diffuser. You can also select encryption without Diffuser by using Group Policy.