AES Encrypt / Decrypt

Encrypt and decrypt text with AES-256-GCM. Key derived via PBKDF2. Output is self-contained Base64 (salt + IV + ciphertext).

AES-256-GCM · PBKDF2 key derivation (100,000 iterations, SHA-256) · 16-byte random salt · 12-byte random IV · Output is self-contained Base64

AES-256-GCM browser encryption: no server, no storage

AES (Advanced Encryption Standard) in GCM mode is the gold standard for symmetric encryption. Unlike older modes such as CBC, GCM simultaneously encrypts and authenticates the data, so any tampering is detected on decryption. This tool runs the full AES-256-GCM algorithm inside your browser using the W3C Web Crypto API: the same API that powers HTTPS on billions of connections every day.

The password you enter never leaves the page. A fresh 16-byte random salt and 12-byte IV are generated on each encryption, making every ciphertext unique even for identical plaintexts. The output Base64 string bundles all three fields (salt, IV, ciphertext) so it is fully portable and can be decrypted anywhere.

How to use: step by step

  1. 1
    Choose a mode
    Select Encrypt to protect plaintext, or Decrypt to recover it from a Base64 ciphertext blob.
  2. 2
    Enter your text
    Paste or type the message you want to encrypt (or the Base64 ciphertext if decrypting).
  3. 3
    Set a password
    Type an encryption password. It is never transmitted: PBKDF2 derives a 256-bit key locally.
  4. 4
    Click Encrypt / Decrypt
    The browser runs AES-256-GCM, generating a fresh 16-byte salt and 12-byte IV on every operation.
  5. 5
    Copy the output
    The Base64 output is self-contained (salt + IV + ciphertext). Share it anywhere: only your password can decrypt it.

Related Tools

Frequently Asked Questions

Is my data sent to a server?
No. All encryption and decryption is performed using the Web Crypto API directly in your browser. Nothing is transmitted.
What AES variant does this tool use?
AES-256-GCM (Galois/Counter Mode). GCM provides both confidentiality and authenticity: if the ciphertext is tampered with, decryption fails.
How is the key derived from my password?
PBKDF2 with SHA-256, 100,000 iterations, and a 16-byte random salt. This makes brute-force attacks computationally expensive.
What is in the Base64 output?
The Base64 string encodes three concatenated fields: 16-byte salt, 12-byte IV, and the GCM ciphertext (which includes the authentication tag). It is entirely self-contained.
Can I decrypt on a different device?
Yes. As long as you have the Base64 ciphertext and the correct password, you can decrypt it in any AES-256-GCM-compatible implementation.
Why does decryption fail?
Decryption fails when the password is wrong or the ciphertext has been modified. GCM's authentication tag detects both cases.
Is AES-256-GCM safe for production use?
Yes. AES-256-GCM is a NIST-approved cipher used in TLS 1.3, Signal, and countless other security-critical applications.
What is the difference between AES-GCM and AES-CBC?
GCM is an authenticated encryption mode: it also verifies integrity. CBC is a plain cipher mode that requires a separate MAC. GCM is the modern best practice.
Does this tool store my password or ciphertext?
Never. The tool has no persistent storage, no analytics, and makes no network calls during encryption or decryption.
Can I use this to encrypt files?
This tool encrypts text. For file encryption you would need to read the file as Base64 first, or use a dedicated file encryption tool.

AlteredIdea vs alternatives

vs online hashing sites: Many send your data to a server to hash it. AlteredIdea runs all cryptographic operations in your browser using the Web Crypto API: your sensitive data never leaves your device.

vs openssl / command line: No terminal, no setup. Just paste and get results instantly.

vs library code: No coding required. Instant visual output with copy-to-clipboard.