AES Encrypt / Decrypt

Encrypt text using AES-128/256 with PBKDF2 key derivation (100k iterations). Supports CBC, ECB, CFB, OFB, CTR modes.

Cryptography

Mode Key size Output

🔒 Encrypt

Plaintext

Secret Passphrase

Key derived via PBKDF2 (100k iterations + random salt). Industry-standard KDF.

Ciphertext

IV (Initialization Vector)

Generated automatically on encrypt

Salt (PBKDF2)

Generated automatically on encrypt

🔓 Decrypt

Ciphertext

Passphrase

IV (hex)

Salt (hex) All three (IV, salt, key) are required to decrypt.

Decrypted Plaintext

Common use cases

Encrypt sensitive notes
Test AES integration before implementing
Verify encrypted output from your code

Frequently asked questions

Why does the tool require a salt and IV?

Modern AES uses PBKDF2 to derive a strong key from your passphrase using a random salt and 100,000 iterations. The salt prevents rainbow table attacks. The IV ensures identical plaintexts produce different ciphertexts. Save both alongside your ciphertext to decrypt.

Which mode should I use?

CBC is the safe default. CTR is good for streaming or large data. Avoid ECB for sensitive data — identical input blocks produce identical ciphertext.

Is the encryption secure?

The implementation uses standard AES with PBKDF2-SHA256 and 100,000 iterations — same primitives as production-grade software. For production systems, integrate AES into your application using a vetted crypto library.

Related tools

🔑

RSA Encrypt / Decrypt