AES Encrypt/Decrypt

Encrypt and decrypt text using AES-GCM with a password. All processing happens in your browser.

Output:

Encrypted output will appear here...

About AES-GCM

AES-GCM (Galois/Counter Mode) provides both encryption and authentication. A random salt and IV are generated for each encryption, ensuring identical plaintexts produce different ciphertexts.

Password Security

Your password is used to derive a 256-bit key via PBKDF2 with 100,000 iterations. Use a strong, unique password for best security.

Keyboard Shortcuts:

  • Ctrl/Cmd + Enter - Encrypt or decrypt

Privacy: All encryption and decryption happens locally using the native crypto.subtle API (PBKDF2 + AES-GCM) and crypto.getRandomValues() for salt and IV generation. No data is sent to any server.

About AES-GCM Encryption

AES-GCM (Advanced Encryption Standard - Galois/Counter Mode) is a symmetric encryption algorithm that provides both confidentiality and data authenticity. It is widely regarded as one of the most secure and efficient encryption modes available, and is the standard used in TLS 1.3, SSH, and many other security protocols.

How PBKDF2 Key Derivation Works:

  • Your password is combined with a random 16-byte salt
  • PBKDF2 applies SHA-256 hashing 100,000 times
  • This produces a strong 256-bit AES key
  • The high iteration count makes brute-force attacks impractical
  • A unique salt ensures identical passwords produce different keys

Common Use Cases:

  • Encrypting sensitive notes or messages
  • Protecting configuration secrets
  • Sharing encrypted data via insecure channels
  • Storing encrypted values in plaintext files
  • Learning about symmetric encryption

What Are Salt and IV, and Why Do They Matter?

Salt (16 bytes): A random value mixed with your password during key derivation. It ensures that the same password produces a different encryption key each time, preventing precomputed dictionary attacks (rainbow tables).

IV / Initialization Vector (12 bytes): A random value used as input to the AES-GCM cipher. It ensures that encrypting the same plaintext with the same key produces different ciphertext each time, preventing pattern analysis.

Output Format: The encrypted output is formatted as salt:iv:ciphertext, with each component encoded in base64. This format allows the decryption process to extract the salt and IV needed to reconstruct the key and decrypt the data.

Security Warning: This tool is intended for educational purposes and lightweight encryption tasks. Do not use it as a substitute for production password storage (use bcrypt, scrypt, or Argon2 instead). The security of the encryption depends entirely on the strength of your password. Always use a long, random, and unique password. Never share your password through the same channel as the encrypted data.