AES Encryption

Encrypt and decrypt with AES-GCM, AES-CBC, or AES-CTR using 128, 192, or 256-bit keys - via the browser's WebCrypto API.

Mode
Output format
AES-GCM recommended: GCM mode provides authenticated encryption - it detects tampering. CBC and CTR do not authenticate. Use GCM unless you have a specific compatibility requirement.
Key Generator
Encrypt
Key source
Examples
Click to load plaintext into the input above
Hello, World!
{"user":"admin","role":"superuser","exp":9999999999}
FLAG{aes_gcm_is_authenticated_encryption}
Ciphertext
IV / Nonce
Salt
Decrypt
Key source
How it works

AES-GCM (Galois/Counter Mode) - Authenticated Encryption with Associated Data (AEAD). Provides both confidentiality and integrity. Recommended for all new applications. Uses a 12-byte nonce.

AES-CBC (Cipher Block Chaining) - Classic block cipher mode. Requires padding. Does not provide authentication - ciphertext can be silently tampered without detection (use with HMAC if needed). Uses a 16-byte IV.

AES-CTR (Counter Mode) - Turns AES into a stream cipher. Fast and parallelizable. Does not provide authentication. Uses a 16-byte counter.

Password mode - Derives a key from your password using PBKDF2 (100,000 iterations, SHA-256). A random 16-byte salt is generated each time - you must save it alongside the ciphertext to decrypt.

Raw hex key mode - Use a key directly (32/48/64 hex chars = 128/192/256 bits). Use the key generator above to create a cryptographically random key.

All operations use the browser's native WebCrypto SubtleCrypto API. The key is never exported or stored.

Security note: The IV/Nonce must be unique for every encryption operation with the same key. Never reuse an IV - especially with GCM, where IV reuse catastrophically breaks security. Store the ciphertext, IV, and (if password mode) salt together.
Send output to…
Tool piping coming in a future phase. Copy the output and paste it into any other tool.
View source of this tool Report issue