Algorithm used to generate a BitLocker recovery key

AFAIK they're just randomly chosen, using the HWRNG of the TPM (or CPU). There's no set seed, and no practical way to brute force them.

see bitcracker coed. it is an open source software to brute force recovery key(48 digit)

SAI Peregrinus you are wrong. if it is random so why it can be devided by 11?

Quite often the key is first random generated and then one or more checksum digits are added. Checking if an entered key is dividable by 11 (a prime number) would be a good way to check if any copying mistakes were made. If I look at the BitLocker white paper I see a recovery key of 8 x 6 decimal digits, or 48 digits. That's $48 \times ~3.2 \approx 153$ bits to play around with. As for the BitCracker software: "By means of a dictionary attack, BitCracker tries to find the correct User **Password** or Recovery **Password** to decrypt the encrypted storage device." A password is not a key.

"generated using an algorithm which generates a random number using a specific seed" If no random data is used then the algorithm would be deterministic and no use whatsoever. If the seed itself was randomly generated then there is no difference between your #1 and #2. Microsoft seems to claim that the key is randomly generated; that's not the same as generating it e.g. from a user name.

thank you Maarten Bodewes. is it possible that the key is generated using a seed (at most 64 bit) and an algorithm so as a result it is possible to brute force the seed practically?

I'd probably take the code to check if that is the case, but from a development perspective it would be almost harder to do than to directly generate the key using the system PRNG.

I sit in a Tesla and translated this thread with Ai: