AES Encryption and Decryption Online

Advanced Encryption Standard(AES) is a symmetric encryption algorithm. AES is the industry standard as of now as it allows 128 bit, 192 bit and 256 bits encryption. Symmetric encryption is very fast as compared to asymmetric encryption and are used in systems such as database system. Following is an online tool to generate AES encrypted password and decrypt AES encrypted password.

The tool provides multiple modes of encryption and decryption such as ECB, CBC, CTR and GCM mode. GCM is considered more secure than CBC mode and is widely adopted for its performance.

For more info on AES encryption visit this explanation on AES Encryption. Below is the form to take the inputs for the encryption and decryption.

AES Encryption

Base64 Hex
Loading...

AES Decryption

Base64 Plain-Text
Loading...

Any secret key value that you enter, or we generate is not stored on this site, this tool is provided via an HTTPS URL to ensure that any secret keys cannot be stolen.

If you appreciate this tool then you can consider donating.

We are thankful for your never ending support.

AES Encryption Usage Guide

For encryption, you can either enter the plain text or password that you want to encrypt. Now choose the block cipher mode of encryption.

Different Supported Modes of AES Encryption

AES offers multiple modes of encryption such as ECB, CBC, CTR, OFB, CFB and GCM mode.

  • ECB(Electronic Code Book) is the simplest encryption mode and does not require IV for encryption. The input plain text will be divided into blocks and each block will be encrypted with the key provided and hence identical plain text blocks are encrypted into identical cipher text blocks.

  • CBC(Cipher Block Chaining) mode is highly recommended, and it is an advanced form of block cipher encryption. It requires IV to make each message unique meaning the identical plain text blocks are encrypted into dissimilar cipher text blocks. Hence, it provides more robust encryption as compared to ECB mode, but it is a bit slower as compared to ECB mode. If no IV is entered then default will be used here for CBC mode and that defaults to a zero based byte[16].

  • CTR(Counter) CTR mode (CM) is also known as integer counter mode (ICM) and segmented integer counter (SIC) mode. Counter mode turns a block cipher into a stream cipher. CTR mode has similar characteristics to OFB, but also allows a random-access property during decryption. CTR mode is well suited to operate on a multi-processor machine, where blocks can be encrypted in parallel.

  • GCM(Galois/Counter Mode) is a symmetric-key block cipher mode of operation that uses universal hashing to provide authenticated encryption. GCM is considered more secure than CBC mode because it has built-in authentication and integrity checks and is widely used for its performance.

Padding

For AES Encryption modes CBC and ECB, the padding can be PKCS5PADDING and NoPadding. With PKCS5Padding, a 16 byte string will produce a 32 byte output (the next multiple of 16).

AES GCM PKCS5Padding is a synonym for NoPadding because GCM is a streaming mode that doesn't require padding. The ciphertext in GCM is only as long as the plaintext. Hence, nopadding is by default selected.

AES Key Size

The AES algorithm has a 128-bit block size, regardless of whether you key length is 256, 192 or 128 bits. When a symmetric cipher mode requires an IV, the length of the IV must be equal to the block size of the cipher. Hence, you must always use an IV of 128 bits (16 bytes) with AES.

AES Secret Key

AES provides 128 bit, 192 bit and 256 bit of secret key size for encryption. If you are selecting 128 bits for encryption, then the secret key must be of 16 bits long and 24 and 32 bits for 192 and 256 bits of key size respectively. For example if the key size is 128 then a valid secret key must be of 16 characters i.e. 16*8=128 bits

Now you can enter the secret key accordingly. By default, the encrypted text will be base64 encoded but you have options to select the output format as HEX too.

Similarly, for image and .txt file the encrypted form will be Base64 encoded.

Below is a screenshot that shows a sample usage of this online AES encryption tool.

aes-online-encryption-sample-screenshot

AES Decryption Usage Guide

AES decryption has also the same process. By default, it assumes the entered text be in Base64 and the final decrypted output will be a plain-text string.

References