AES Encryption and Decryption Online

Advanced Encryption Standard(AES) is a symmetric encryption algorithm. AES is the industry standard as of now as it allows 128 bit, 192 bit and 256 bits encryption. Symmetric encryption is rapid as compared to asymmetric encryption and are used in systems such as database system. Following is an online tool to perform AES encryption and decryption of any plain-text or password.

The tool provides multiple modes of encryption and decryption such as ECB, CBC, CTR, CFB and GCM mode. GCM is considered more secure than CBC mode and is widely adopted for its performance.

For more info on AES encryption, visit this explanation on AES Encryption. Below is the form to take the inputs for the encryption and decryption.

AES Encryption

Base64 Hex

AES Decryption

Base64 Plain-Text

Any secret key value that you enter, or we generate is not stored on this site, this tool is provided via an HTTPS URL to ensure that any secret keys cannot be stolen.

If you appreciate this tool then you can consider donating.

We are thankful for your never ending support.

Key Features

  • Symmetric Key Algorithm: Same key is used for both encryption and decryption.
  • Block Cipher: AES operates on fixed-size blocks of data. The standard block size is 128 bits.
  • Key Lengths: AES supports key lengths of 128, 192, and 256 bits. The longer the key, the stronger the encryption.
  • Security: AES is considered very secure and is widely used in various security protocols and applications.

AES Encryption Terms & Terminologies

For encryption, you can either enter the plain text or password that you want to encrypt. Now choose the block cipher mode of encryption.

Different Supported Modes of AES Encryption

AES offers multiple modes of encryption such as ECB, CBC, CTR, OFB, CFB and GCM mode.

  • ECB(Electronic Code Book) is the simplest encryption mode and does not require IV for encryption. The input plain text will be divided into blocks and each block will be encrypted with the key provided and hence identical plain text blocks are encrypted into identical cipher text blocks.

  • CBC(Cipher Block Chaining) mode is highly recommended, and it is an advanced form of block cipher encryption. It requires IV to make each message unique meaning the identical plain text blocks are encrypted into dissimilar cipher text blocks. Hence, it provides more robust encryption as compared to ECB mode, but it is a bit slower as compared to ECB mode. If no IV is entered then default will be used here for CBC mode and that defaults to a zero-based byte[16].

  • CTR(Counter) CTR mode (CM) is also known as integer counter mode (ICM) and segmented integer counter (SIC) mode. Counter-mode turns a block cipher into a stream cipher. CTR mode has similar characteristics to OFB, but also allows a random-access property during decryption. CTR mode is well suited to operate on a multiprocessor machine, where blocks can be encrypted in parallel.

  • GCM(Galois/Counter Mode) is a symmetric-key block cipher mode of operation that uses universal hashing to provide authenticated encryption. GCM is considered more secure than CBC mode because it has built-in authentication and integrity checks and is widely used for its performance.

Padding

For AES modes CBC and ECB, the padding can be PKCS5PADDING and NoPadding. With PKCS5Padding, a 16-byte string will produce a 32-byte output (the next multiple of 16).

AES GCM PKCS5Padding is a synonym for NoPadding because GCM is a streaming mode that doesn't require padding. The ciphertext in GCM is only as long as the plaintext. Hence, nopadding is by default selected.

AES Key Size

The AES algorithm has a 128-bit block size, regardless of whether your key length is 256, 192 or 128 bits. When a symmetric cipher mode requires an IV, the length of the IV must be equal to the block size of the cipher. Hence, you must always use an IV of 128 bits (16 bytes) with AES.

AES Secret Key

AES provides 128 bits, 192 bits and 256 bits of secret key size for encryption. If you are selecting 128 bits for encryption, then the secret key must be of 16 bits long and 24 and 32 bits for 192 and 256 bits of key size respectively. For example, if the key size is 128, then a valid secret key must be of 16 characters i.e., 16*8=128 bits