Symmetric encryption · AES

AES Encryption and Decryption Online

Convert plaintext to ciphertext (and back) with AES-128/192/256. Configure cipher modes, padding strategies, and output encodings—all in a single browser session.

AES Encryption Toolkit

Encrypt or decrypt data using the Advanced Encryption Standard. Toggle cipher modes, configure padding and key sizes, and switch between Base64 or Hex encodings—all without leaving your browser.

Plaintext input

Ciphertext output

Operation

Cipher mode

Padding

Secret key

AES accepts 128, 192, or 256-bit keys. Keys shorter than the selected length are zero-padded; longer keys are truncated.

Initialization vector (IV)

IVs and counters should be 16 bytes for AES-128 block size.

AES overview

AES processes 128-bit blocks with 128/192/256-bit keys. CBC stays interoperable with legacy systems but needs PKCS#7 or zero padding, and every IV must be unique for each key. ECB is included for completeness only and should not be used for real data.

CFB / OFB. These modes behave like stream ciphers, keep the input length intact, and still require a random IV. They are useful for encrypting text or byte streams without padding.

CTR. Counter mode turns the block cipher into a keystream generator— never reuse the same nonce/counter pair with a key or plaintext will leak. CTR also avoids padding and supports random access.

GCM. Built on CTR plus a Galois MAC, it provides authenticated encryption. Manage the nonce, additional authenticated data (AAD), and tag length carefully; the dedicated AES-GCM tool exposes each knob.

Padding. CBC/ECB usually use PKCS#7; zero padding works only when both sides know the true length. CFB/OFB/CTR/GCM skip padding entirely. Regardless of the mode, both parties must agree on key size, IV/nonce, and encoding.