Make Tools
🔒

AES Encryption & Decryption

Encrypt and decrypt text using AES-256-GCM (Galois/Counter Mode, NIST SP 800-38D) with password-based key derivation via PBKDF2-HMAC-SHA-256 (100,000 iterations, per NIST SP 800-132). AES-256 provides authenticated encryption — both confidentiality and integrity. The output format is salt:IV:ciphertext (Base64-encoded). All processing uses the Web Crypto API in your browser.

Frequently Asked Questions

What encryption is used?
The tool uses AES-256-GCM (Advanced Encryption Standard with 256-bit key in Galois/Counter Mode) as specified in NIST SP 800-38D. GCM provides authenticated encryption, meaning it both encrypts the data and produces an authentication tag to detect tampering. The password is converted to a 256-bit key using PBKDF2-HMAC-SHA-256 with 100,000 iterations and a random 16-byte salt, following NIST SP 800-132 recommendations.
How do I share encrypted data?
The encrypted output contains salt, IV, and ciphertext separated by colons. Share this entire string along with the password through a separate channel.
Can I decrypt with other tools?
Yes, but you need a tool that supports AES-256-GCM with PBKDF2 key derivation using the same parameters (100K iterations, SHA-256).

Related Tools

🔐Base64 Encode & Decode#️⃣Hash Generator (MD5, SHA-256, SHA-512)🔏HMAC Generator

How to Use

  1. 1 Enter the text you want to encrypt in the input field.
  2. 2 Enter a strong password for key derivation.
  3. 3 Click **Encrypt** - the tool uses AES-256-GCM with PBKDF2 (100,000 iterations).
  4. 4 Share the encrypted output (salt:iv:ciphertext) and password through separate channels.
  5. 5 To decrypt, paste the encrypted string and enter the same password.