bitwarden/help
1
0
Fork 0
mirror of https://github.com/bitwarden/help synced 2025-12-15 07:43:48 +00:00
Code Issues Releases Wiki Activity
Files
e1436f633bc28fa45e8a9d5abaed31335b8e5cad
help/_articles/security/what-encryption-is-used.md
Kyle Spearrin e1436f633b rename file
2016-10-15 02:32:19 -04:00

35 lines
1.4 KiB
Markdown
Raw Blame History

---
layout: article
title: What encryption is being used?
category: Security
featured: true
popular: false
tags: [encryption]
---
bitwarden uses [AES][aes] 256 bit encryption as well as [PBKDF2][pbkdf2] to secure your data.
[AES][aes] is used by the US government and other government agencies around the world for protecting top secret data. With
proper implementation and a strong encryption key (your master password), it is considered unbreakable.
[PBKDF2][pbkdf2] is used to derive the encryption key from your master password. This key is then salted and hashed.
bitwarden does not write any crypto code. bitwarden only invokes crypto from popular and reputable crypto libraries that are
written and maintined by cryptography experts. The following crypto libraries are used:
- Javascript (web and browser extension vaults)
- [SJCL][sjcl]
- C# (mobile vault)
- CommonCrypto (iOS, Apple)
- Javax.Crypto (Android, Oracle)
- [BouncyCastle][bouncy] (Android)
bitwarden **always** encrypts and/or hashes your data on your local device before it is every sent to the cloud servers for
syncing. The bitwarden servers are only used for storing encrypted data. It is not possible to get your unencrypted data from
the bitwarden cloud servers.
[aes]: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
[pbkdf2]: https://en.wikipedia.org/wiki/PBKDF2
[sjcl]: https://crypto.stanford.edu/sjcl/
[bouncy]: http://www.bouncycastle.org/csharp/
Reference in New Issue View Git Blame Copy Permalink