AES Encryptor

Size: 0 B, 0 characters
Switch to Decryptor
Size: 0 B, 0 characters

Free AES Encryption Online

What is AES Encryption?

AES (Advanced Encryption Standard) is a symmetric encryption algorithm used to protect data with a secret key. Symmetric encryption means the same secret is used to encrypt and decrypt the data.

This AES encryption tool uses AES-GCM, a modern mode that provides both confidentiality and authentication. That means the encrypted data is protected from being read, and the decryptor can detect if the ciphertext has been changed.

What is an AES Encryptor?

An AES encryptor takes plaintext, a password, and encryption parameters, then produces ciphertext. This tool derives a 256-bit AES key from your password using PBKDF2-HMAC-SHA-256, generates a random salt and IV, and returns a JSON bundle that the paired AES Decryptor can read.

The password is never included in the encrypted output. Keep it separately and securely.

Why AES-GCM?

AES-GCM is usually preferred for modern browser-based encryption because it includes authentication. Older modes like AES-CBC can encrypt data, but they do not authenticate it by themselves and are easier to misuse.

For this reason, this tool intentionally supports AES-GCM only.

How to Use This AES Encryption Tool

  1. Enter the text you want to encrypt.
  2. Enter a strong password.
  3. Click Encrypt.
  4. Copy the encrypted JSON bundle.
  5. Paste that bundle into the AES Decryptor and use the same password to decrypt it.

The output contains the algorithm name, KDF settings, salt, IV, and ciphertext. It does not contain the password.

Encrypted Output Format

The encrypted result is a self-contained JSON object:

{
  "v": 1,
  "alg": "AES-GCM",
  "kdf": "PBKDF2",
  "hash": "SHA-256",
  "iterations": 600000,
  "keyLength": 256,
  "salt": "base64",
  "iv": "base64",
  "ciphertext": "base64"
}

The salt and IV are randomly generated for each encryption operation. The ciphertext changes every time, even if you encrypt the same text with the same password.

Data as Parameter

You can pre-fill only the plaintext field with the ?input= query parameter:

https://www.uprek.com/en/tools/aes-encryptor?input=hello

The password is intentionally not supported as a URL parameter. Passwords in URLs can be saved in browser history, logs, analytics tools, screenshots, and referrer headers. Enter the password manually in the password field.

For sensitive data, avoid sharing URLs that contain private plaintext.

Technical Details and Privacy

This tool uses the browser-native Web Crypto API. It derives the key with crypto.subtle.deriveKey() and encrypts with crypto.subtle.encrypt() using AES-GCM.

Your text and password are processed in the browser. The static UPREK page does not need a runtime server to encrypt the data.

Security Notes

Use a long, unique password. If you lose the password, the encrypted data cannot be recovered.

Do not use this tool as a replacement for a reviewed application security design. Browser-based encryption tools are useful for learning, testing, and small workflows, but production systems need careful key management, access control, backups, and threat modeling.