🔒

AES Encryption Online — Free Browser-Based Encrypt Tool

AES-128 · AES-192 · AES-256 · GCM · CBC · CTR — PBKDF2 key derivation · 100% browser-side

Key
Out
AES-GCM
Authenticated encryption — tamper-proof. Recommended.
✅ Recommended
AES-CBC
Classic block cipher mode. PKCS7 padding. No auth tag.
AES-CTR
Stream cipher mode — no padding, fast. No auth tag.
PBKDF2 derives a 256-bit AES key — 100,000 SHA-256 iterations + random salt
⚠️ Save this for decryption!
⚠️ Save this for decryption!
🔒
Enter text + password to encrypt
AES-256-GCM recommended — authenticated + tamper-proof
Ctrl+Enter Encrypt   Ctrl+L Clear   Ctrl+S Download
📊 Your Stats
0operations
0 secondstime saved

⚙️ How It Works

1
Password → Key
PBKDF2 derives AES key from passphrase + salt (100K SHA-256 iterations)
2
Random IV
Unique IV ensures different ciphertext every time, even for same input
3
AES Encrypt
Browser Web Crypto API — native, audited, zero third-party libs
4
Base64 / Hex Out
Encrypted bytes encoded to readable, copy-pasteable format

🔄 Mode Comparison

ModeAuthSpeed
GCMFast
CBCFast
CTRFastest

💡 Security Tips

✅ Use GCM — detects tampering

✅ Use AES-256 for max security

✅ Use 12+ char passphrase

⚠️ Save IV + Salt — required to decrypt

⚠️ Never reuse same IV for different messages

🔒 No data leaves your browser — ever

Frequently Asked Questions

What is AES encryption?

AES (Advanced Encryption Standard) is a symmetric block cipher adopted by NIST in 2001. It encrypts data in 128-bit blocks using a 128, 192, or 256-bit key. AES-256 with 2^256 possible keys is effectively unbreakable with current computing.

What is the difference between AES-GCM, CBC, and CTR modes?

GCM (Galois/Counter Mode) provides authenticated encryption — it encrypts and produces an authentication tag to detect tampering. Recommended for all new projects. CBC (Cipher Block Chaining) is the classic mode with PKCS7 padding but no auth tag. CTR (Counter Mode) is a stream cipher — fastest, no padding, but no authentication.

Why do I need to save the IV and Salt?

IV and Salt are mathematically required for decryption. Without them, decryption is impossible even with the correct password. They are not secret — just save them alongside the ciphertext.

Is my data safe? Does it get sent to any server?

No data is ever sent to any server. All AES operations use your browser's native Web Crypto API. Your text stays 100% local — private by design.

What is PBKDF2 key derivation?

PBKDF2 converts your passphrase into a strong AES key using 100,000 SHA-256 iterations + a random salt. This makes brute-force attacks computationally expensive even if the algorithm is known.

Which AES mode should I use in 2025?

Use AES-256-GCM for all new projects — it provides authenticated encryption with tamper detection. CBC is acceptable for legacy compatibility. CTR is fastest but use only if you handle authentication separately.