Encrypt or decrypt text with a secret key, entirely in your browser. Nothing ever leaves this page. No
network requests are made by the tool itself, and all cryptography runs locally via the built-in Web Crypto API.
Use this tool to encrypt text with a secret key. The output is a self-contained Base64 string that
embeds the algorithm, key-stretching parameters, a random salt, and a random IV, so decryption only
requires the secret key. Switch to decrypt mode to recover the original text.
Security notes: keys are derived from your passphrase with PBKDF2-SHA256 and a random 16-byte salt.
AES-GCM is authenticated, so tampering or a wrong key is detected on decrypt. CBC and CTR modes are
provided for compatibility but do not authenticate the ciphertext. The secret key is never stored,
and a fresh salt and IV are generated for every encryption, so encrypting the same text twice yields
different output. Works offline once the page is loaded.
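The scheme described above (PBKDF2-SHA256 stretching, a fresh 16-byte salt and 12-byte IV, AES-256-GCM, one Base64 container), shown with the Web Crypto API as an added example that is not this tool's own code. The byte layout, the function names, and the choice to bind the header as additional authenticated data are assumptions, since the page does not document the tool's actual format.

```javascript
// Added example: hypothetical container layout, not this tool's actual format.
// [iterations: uint32 BE][salt: 16 bytes][iv: 12 bytes][AES-GCM ciphertext + 16-byte tag]
const wc = globalThis.crypto ?? require("node:crypto").webcrypto; // fallback for older Node
const enc = new TextEncoder(), dec = new TextDecoder();
const toB64 = (u8) => btoa(Array.from(u8, (b) => String.fromCharCode(b)).join(""));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

async function deriveKey(passphrase, salt, iterations) {
  const material = await wc.subtle.importKey(
    "raw", enc.encode(passphrase), "PBKDF2", false, ["deriveKey"]);
  return wc.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations },
    material, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

async function encryptText(plaintext, passphrase, iterations = 600000) {
  const salt = wc.getRandomValues(new Uint8Array(16)); // fresh for every message
  const iv = wc.getRandomValues(new Uint8Array(12));   // never reused with the same key
  const header = new Uint8Array(32);
  new DataView(header.buffer).setUint32(0, iterations); // big-endian by default
  header.set(salt, 4);
  header.set(iv, 20);
  const key = await deriveKey(passphrase, salt, iterations);
  // Binding the header as additional data makes any edit to it fail the tag check.
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: "AES-GCM", iv, additionalData: header }, key, enc.encode(plaintext)));
  const out = new Uint8Array(header.length + ct.length);
  out.set(header); out.set(ct, header.length);
  return toB64(out);
}

async function decryptText(b64, passphrase) {
  const blob = fromB64(b64);
  if (blob.length < 32 + 16) throw new Error("container too short");
  const header = blob.slice(0, 32);
  const iterations = new DataView(header.buffer).getUint32(0);
  // The header is untrusted input: bound the work factor before running PBKDF2.
  if (iterations < 100000 || iterations > 1000000) throw new Error("bad iteration count");
  const key = await deriveKey(passphrase, header.slice(4, 20), iterations);
  // Rejects with OperationError on a wrong passphrase or any modified byte.
  const pt = await wc.subtle.decrypt(
    { name: "AES-GCM", iv: header.slice(20, 32), additionalData: header },
    key, blob.slice(32));
  return dec.decode(pt);
}
```

The iteration bound in `decryptText` mirrors the 100k–1M range the tool offers; without it, a crafted container could request an arbitrarily expensive key derivation.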
Glossary
Plain-language meanings of the more technical terms used above.
Key stretching
Deliberately slowing down the conversion of your passphrase into an encryption key by repeating
a calculation many times. A human-friendly passphrase has little randomness, so stretching makes
each guess expensive for an attacker: at 600,000 iterations, testing a password list takes
hundreds of thousands of times longer than it would if each guess cost a single hash.
PBKDF2
Password-Based Key Derivation Function 2: The specific, widely standardized key-stretching
algorithm this tool uses. It hashes your passphrase together with the salt repeatedly (here using
SHA-256 as the underlying hash) to produce the raw bytes of the AES key. The 100k–1M options are
how many times that loop runs.
Salt
A random value (16 bytes here) mixed into key stretching before hashing your passphrase. It is not
secret and is stored alongside the ciphertext. Its job is to make every encryption unique even when
the same passphrase is reused, which defeats precomputed lookup tables (“rainbow tables”)
and stops identical passphrases from producing identical keys.
IV / nonce
Initialization vector: A random starting value (12 or 16 bytes) fed into the cipher so that
encrypting the same text twice yields completely different output. Like the salt it is not secret and
travels with the ciphertext. For GCM it must never be reused with the same key, which is why a fresh
random one is generated every time.
AES (and AES-128 vs AES-256)
The Advanced Encryption Standard: The symmetric cipher doing the actual encryption. “Symmetric”
means the same key both encrypts and decrypts. The number is the key length in bits: AES-256 uses a
256-bit key, AES-128 a 128-bit key. Both are considered secure, but 256-bit offers a larger safety
margin at a small speed cost.
Mode of operation (GCM / CBC / CTR)
AES only scrambles one fixed-size block at a time. The “mode” defines how those blocks are
chained together to encrypt a whole message. The trailing letters in AES-256-GCM name that mode.
GCM (Galois/Counter Mode) turns AES into a stream cipher and adds an
authentication tag. Recommended here because it is fast and authenticated.
CTR (Counter Mode) turns AES into a stream cipher by encrypting a
counter. This is the same engine GCM is built on, but with no authentication.
CBC (Cipher Block Chaining) is an older mode where each block is mixed
into the next. Offered for compatibility, but also unauthenticated.
Authenticated encryption
Encryption that also proves the ciphertext was not altered and that the right key was used. GCM does
this by attaching an authentication tag. If even one byte is changed or the key is wrong, decryption
fails loudly instead of returning garbage. CBC and CTR provide confidentiality, but they only hide
the contents and cannot detect tampering, so they are best paired with a separate integrity check.
Base64
A text encoding that represents arbitrary binary data using 64 printable characters: the
ASCII letters and digits, the plus sign, and the forward slash
(A–Z a–z 0–9 + /). The encrypted output is binary, so it is
Base64-encoded to make it safe to copy, paste, and store as plain text.
It is an encoding, not encryption, and adds no security.