— About this tool
AES (Advanced Encryption Standard) is the symmetric cipher used everywhere from TLS to disk encryption: the same passphrase that encrypts the text also decrypts it. This tool derives an AES key from your passphrase with PBKDF2 (100,000 iterations, SHA-256), generates a random salt and IV per message, and prepends them to the ciphertext so the Base64 output is fully self-describing — paste it back with the same passphrase to recover the plaintext.
AES-GCM is an authenticated mode that detects tampering and is the recommended default; AES-CBC is offered for interoperability with systems that expect it. All cryptography runs locally via the Web Crypto API, so your text and passphrase never leave the page. This is handy for sharing a secret note or testing an encryption flow — not a replacement for end-to-end encrypted tooling for high-stakes secrets.
Encryption and decryption run entirely in your browser — nothing is uploaded.
Frequently asked questions
What do I need to decrypt the output?
The Base64 ciphertext plus the exact passphrase, cipher mode and key size used to encrypt it. The random salt and IV are embedded in the output, so you do not need to track those separately.
Should I use AES-GCM or AES-CBC?
Prefer AES-GCM: it is authenticated, so decryption fails loudly if the ciphertext was altered. Use AES-CBC only when you need to interoperate with a system that specifically requires it.
Why does the same text produce different ciphertext each time?
A fresh random salt and IV are generated for every encryption, which is correct and intended — it ensures identical plaintext does not produce identical ciphertext. Decryption still works because both are stored alongside the ciphertext.