AES Encrypt / Decrypt
Encrypt and decrypt text using the AES symmetric cipher. Choose between AES-GCM (authenticated, recommended) and AES-CBC. Key is derived from your passphrase using PBKDF2 — everything runs offline in your browser.
Key is derived from this passphrase using PBKDF2 (100,000 iterations, SHA-256). Never sent anywhere.
All encryption/decryption happens entirely in your browser. Your data and passphrase are never transmitted.
AES-GCM vs AES-CBC
| Feature | AES-GCM | AES-CBC |
|---|---|---|
| Authentication | Built-in (AEAD) | Requires separate MAC |
| IV Size | 12 bytes (96-bit) | 16 bytes (128-bit) |
| Tampering Detection | Yes | No |
| Performance | Fast (hardware support) | Fast |
| Recommendation | Preferred | Legacy compatibility |
Security Notes
- Always use a strong, unique passphrase. Short passphrases are vulnerable to brute-force.
- The IV and salt are randomly generated per encryption and must be stored alongside the ciphertext for decryption.
- AES-GCM will fail decryption if the ciphertext has been tampered with (authentication tag mismatch).
- PBKDF2 with 100,000 iterations adds resistance against dictionary attacks on the passphrase.