From b7f110cf4d197dae2fac8b21db45f79c8791cb38 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Sat, 15 Oct 2016 02:19:30 -0400
Subject: [PATCH] what encryption is used article. ref #2

---
 .../security/what-encryptoion-is-used.md      | 34 +++++++++++++++++++
 _config.yml                                   |  1 +
 2 files changed, 35 insertions(+)
 create mode 100644 _articles/security/what-encryptoion-is-used.md

diff --git a/_articles/security/what-encryptoion-is-used.md b/_articles/security/what-encryptoion-is-used.md
new file mode 100644
index 00000000..ecefb869
--- /dev/null
+++ b/_articles/security/what-encryptoion-is-used.md
@@ -0,0 +1,34 @@
+---
+layout: article
+title: What encryption is being used?
+category: Security
+featured: true
+popular: false
+tags: [encryption]
+---
+
+bitwarden uses [AES][aes] 256 bit encryption as well as [PBKDF2][pbkdf2] to secure your data.
+
+[AES][aes] is used by the US government and other government agencies around the world for protecting top secret data. With
+proper implementation and a strong encryption key (your master password), it is considered unbreakable.
+
+[PBKDF2][pbkdf2] is used to derive the encryption key from your master password. This key is then salted and hashed.
+
+bitwarden does not write any crypto code. bitwarden only invokes crypto from popular and reputable crypto libraries that are
+written and maintined by cryptography experts. The following crypto libraries are used:
+
+- Javascript (web and browser extension vaults)
+  - [SJCL][sjcl]
+- C# (mobile vault)
+  - CommonCrypto (iOS, Apple)
+  - Javax.Crypto (Android, Oracle)
+  - [BouncyCastle][bouncy] (Android)
+
+bitwarden **always** encrypts and/or hashes your data on your local device before it is every sent to the cloud servers for
+syncing. The bitwarden servers are only used for storing encrypted data. It is not possible to get your unencrypted data from
+the bitwarden cloud servers.
+
+[aes]: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
+[pbkdf2]: https://en.wikipedia.org/wiki/PBKDF2
+[sjcl]: https://crypto.stanford.edu/sjcl/
+[bouncy]: http://www.bouncycastle.org/csharp/
diff --git a/_config.yml b/_config.yml
index 5c528274..083fe1fe 100644
--- a/_config.yml
+++ b/_config.yml
@@ -1,6 +1,7 @@
 markdown: kramdown
 permalink: pretty
 encoding: utf-8
+port: 4009
 
 exclude: [node_modules, ./bitwarden-help.sln]