Encryption and Decryption
This page provides a developer-friendly playground for encrypting and decrypting data using both symmetric (AES) and asymmetric (RSA) cryptographic algorithms.
- Symmetric encryption (AES) allows encrypting data with a shared secret password, offering fast and secure encryption for general purposes.
- Asymmetric encryption (RSA-OAEP) enables secure data exchange using a public/private keypair, ideal for scenarios where secret sharing is not practical.

Features:
- Choose between Encrypt and Decrypt operations
- Select Symmetric (AES) or Asymmetric (RSA-OAEP) modes
- Support for multiple AES algorithms and key sizes
- Auto-generate secure random Initialization Vectors (IVs) for AES
- Auto-generate secure RSA keypairs for RSA usage
- Output encoding in Hex or Base64
- All operations are fully client-side — nothing leaves your browser

Private and Secure: Fully client-side — nothing leaves your browser!

Supported Modes and Algorithms

| Mode | Algorithm | Description | Recommendation | 
|---|---|---|---|
| Symmetric (AES) | AES-128-CBC | Classic AES encryption with 128-bit key and CBC mode (requires IV and padding) | Recommended for general use | 
| Symmetric (AES) | AES-192-CBC | AES encryption with 192-bit key and CBC mode (rarely used) | Optional (advanced only); less common | 
| Symmetric (AES) | AES-256-CBC | AES encryption with 256-bit key and CBC mode | Stronger security if needed | 
| Symmetric (AES) | AES-256-GCM | Modern AES encryption with 256-bit key and Galois/Counter Mode (authenticated encryption) | Best for production | 
| Asymmetric (RSA) | RSA-OAEP | RSA encryption with Optimal Asymmetric Encryption Padding | Recommended for public key encryption |

Notes:
- AES-GCM is preferred for modern applications because it provides confidentiality and integrity in one operation (authenticated encryption).
- AES-CBC remains useful for file encryption, legacy systems, and simpler symmetric use cases, but it must be combined with a secure random IV.
- RSA-OAEP protects against chosen-ciphertext attacks and is the standard for RSA encryption today.
- AES-192-CBC is supported but rarely needed; most systems choose between 128-bit and 256-bit keys directly.

AES-256 for Data-at-Rest: Practical Usage and Modern Best Practices

| Aspect | CBC Mode | GCM Mode | 
|---|---|---|
| Real-world usage | Historically common (especially in disk encryption, file systems) | Increasingly preferred for new systems and services | 
| Padding required | Yes (PKCS#7 padding) | No padding needed | 
| Provides data integrity (authenticated encryption) | No (requires manual HMAC) | Yes (built-in authentication) | 
| Recommended today for new systems? | Sometimes (with MAC) | Strongly recommended | 
| Susceptible to IV reuse issues | Yes (causes prefix leaks) | Yes (but also breaks integrity if reused) | 
| Ease of implementation | Moderate (must manage MACs separately) | Easier (encrypt and authenticate in one step) |

Real-World Usage Examples

| System / Service | AES Mode Used | Notes | 
|---|---|---|
| Early Microsoft BitLocker (Vista/Win7) | AES-128/256-CBC (with external MAC) | Historical CBC usage in early full disk encryption | 
| Modern BitLocker (Win10/Win11) | AES-256-XTS | XTS is a special secure disk mode derived from CBC | 
| AWS S3 (KMS managed keys) | AES-256-GCM | Authenticated encryption preferred for object storage | 
| Google Cloud Storage | AES-256-CBC (internal) | Plus additional integrity protections around the encrypted blob | 
| Linux dm-crypt / LUKS2 | AES-256-XTS | Default for modern Linux disk encryption |

Notes:
- AES-GCM is the best option for encrypting sensitive data at rest because it ensures confidentiality and integrity together.
- If using AES-CBC, you must combine it with a message authentication code (like HMAC-SHA-256) to avoid silent corruption risks.
- For large files or disk encryption, AES-XTS is often used instead of pure CBC.
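
The integrity row of the CBC/GCM comparison and the HMAC note above, as an added example that is not this playground's own code: the same one-bit corruption of the stored IV is applied to AES-256-CBC alone, AES-256-CBC with HMAC-SHA-256 (encrypt-then-MAC), and AES-256-GCM. It assumes the Web Crypto API and randomly generated keys rather than a password; all function names and the sample message are constructed for illustration.

```javascript
// Added example, not the playground's code. Web Crypto is global in browsers and
// recent Node.js; older Node.js exposes it as require('node:crypto').webcrypto.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;
const encoder = new TextEncoder(), decoder = new TextDecoder();
const join = (a, b) => new Uint8Array([...a, ...b]);

// Fresh 256-bit keys: one per AES mode, plus a separate HMAC key for CBC.
async function makeKeys() {
  const aes = (name) => wc.subtle.generateKey({ name, length: 256 }, false, ['encrypt', 'decrypt']);
  const mac = await wc.subtle.generateKey({ name: 'HMAC', hash: 'SHA-256' }, false, ['sign', 'verify']);
  return { cbc: await aes('AES-CBC'), gcm: await aes('AES-GCM'), mac };
}

// Encrypt under a fresh random IV (16 bytes for CBC, 12 bytes for GCM).
async function seal(name, key, message) {
  const iv = wc.getRandomValues(new Uint8Array(name === 'AES-GCM' ? 12 : 16));
  const ct = new Uint8Array(await wc.subtle.encrypt({ name, iv }, key, encoder.encode(message)));
  return { iv, ct };
}

// Decrypt; returns the plaintext, or null when the algorithm rejects the input.
async function unseal(name, key, { iv, ct }) {
  try { return decoder.decode(await wc.subtle.decrypt({ name, iv }, key, ct)); }
  catch { return null; }
}

// Encrypt-then-MAC for CBC: verify the HMAC over IV + ciphertext before decrypting.
const tagCbc = (keys, box) => wc.subtle.sign('HMAC', keys.mac, join(box.iv, box.ct));
async function unsealCbcChecked(keys, box, tag) {
  const ok = await wc.subtle.verify('HMAC', keys.mac, tag, join(box.iv, box.ct));
  return ok ? unseal('AES-CBC', keys.cbc, box) : null;
}

// Constructed corruption: flip the lowest bit of the first IV byte.
const corruptIv = ({ iv, ct }) => ({ iv: iv.map((b, i) => (i === 0 ? b ^ 1 : b)), ct });

// Apply the same corruption to each scheme and report what decryption returns.
async function compareModes(message) {
  const keys = await makeKeys();
  const cbc = await seal('AES-CBC', keys.cbc, message);
  const gcm = await seal('AES-GCM', keys.gcm, message);
  const tag = await tagCbc(keys, cbc);
  return {
    cbcAlone: await unseal('AES-CBC', keys.cbc, corruptIv(cbc)),   // altered text, no error
    cbcWithMac: await unsealCbcChecked(keys, corruptIv(cbc), tag), // null: MAC check fails
    gcm: await unseal('AES-GCM', keys.gcm, corruptIv(gcm)),        // null: tag check fails
    cbcIntact: await unsealCbcChecked(keys, cbc, tag),             // original message
  };
}
```

Calling `compareModes('backup-2024 contents')` returns `cbcAlone` as `'cackup-2024 contents'`: CBC on its own decrypts the corrupted input without any error, while the MAC-checked and GCM paths return `null`.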