Converter Web ToolsConverter WebTools

AES Encryption

Encrypt text with AES in your browser. Your data and keys stay on your device.

Input
Output
Share Link
Settings
Encrypt
Salt
Key
IV

What is AES?

AES (Advanced Encryption Standard) is a symmetric block cipher adopted by NIST in 2001, based on the Rijndael algorithm. It encrypts data in 128-bit blocks using a secret key of 128, 192 or 256 bits, and the same key both encrypts and decrypts. AES is the worldwide standard for protecting data — it secures TLS connections, disk and file encryption, VPNs and messaging apps. Its security depends on keeping the key secret and using a strong mode (such as CBC with a random IV, or authenticated GCM). This tool runs AES entirely in your browser, so your key and plaintext never leave your device.

Private by design: AES encryption runs entirely in your browser — your key and plaintext never leave your device. Keep the same key, mode and IV to decrypt later with the AES Decryption tool.

How AES works

AES is a block cipher that transforms data in fixed 128-bit (16-byte) blocks using your secret key:

  1. Key expansion — the key (128, 192 or 256 bits) is expanded into a set of round keys.
  2. Rounds — each block runs through 10, 12 or 14 rounds of SubBytes, ShiftRows, MixColumns and AddRoundKey, thoroughly mixing the data.
  3. Mode & IV — a mode of operation (CBC, GCM, …) with an initialization vector chains the blocks so identical plaintext does not produce identical ciphertext.
  4. Output — the result is ciphertext, reversible only with the same key, mode and IV.

How to use

  1. Enter the text you want to encrypt.
  2. Provide a key (and IV/mode settings where required).
  3. The encrypted output is produced in your browser.
  4. Share the ciphertext; share the key only through a safe channel.

Options explained

  • Key size — 128, 192 or 256-bit keys. AES-256 has the largest security margin.
  • Mode — CBC, ECB, CFB, OFB, CTR or GCM. Avoid ECB; prefer authenticated GCM, or CBC with a random IV.
  • IV (initialization vector) — A random value mixed into the first block so identical messages encrypt differently. Use a fresh IV per message.
  • Padding — PKCS7 padding fills the final block to the 16-byte boundary for block modes like CBC.
  • Key from passphrase — Optionally derive the key from a passphrase using a salt and iterations instead of a raw key.

Common uses

  • Encrypting files, messages and backups.
  • Protecting data at rest in apps and databases.
  • The symmetric layer inside TLS, VPNs and disk encryption.
  • Securing API payloads and configuration secrets.

Frequently asked questions

Is AES secure?
Yes. AES, especially AES-256, is the global standard and has no known practical break when used correctly with a strong key and mode.
What is the difference between AES-128 and AES-256?
The key length. Both are secure; AES-256 uses a longer key for a higher security margin.
What is an IV?
An initialization vector — a random value used with modes like CBC and GCM so that identical messages encrypt differently. Use a fresh random IV for each message.
Is my data sent to a server?
No. Encryption happens in your browser; your key and message stay on your device.
How do I decrypt the result?
Use the AES Decryption tool with the same key, mode, padding and IV.