What is AES-GCM encryption?

AES-GCM combines AES encryption with Galois/Counter Mode. It provides both data confidentiality and integrity through an authentication tag. It's the NIST-recommended mode for authenticated encryption.

What's the difference between AES-GCM and AES-CBC?

AES-GCM provides authenticated encryption: it automatically detects any modification of the ciphertext. AES-CBC only provides confidentiality and requires a separate HMAC for integrity. AES-GCM is generally faster and more secure.

What is PBKDF2 and why is it used?

PBKDF2 transforms your password into a 256-bit encryption key. The 100,000 iterations deliberately slow the process to make dictionary and brute-force attacks impractical.

What password length is recommended?

Use at least 12 characters with a mix of uppercase, lowercase, numbers, and special characters. The longer and more random your password, the more resistant the encryption will be to attacks.

AES-GCM Encryption

Encrypt and decrypt text with AES-256-GCM. PBKDF2 key derivation (100,000 iterations). Everything happens in your browser.

Plaintext

Password

Algorithm: AES-256-GCM (authenticated encryption)

Key derivation: PBKDF2 with SHA-256, 16-byte random salt, 100,000 iterations

IV: 12 random bytes generated for each encryption

Output format: base64(salt || iv || ciphertext)

Everything about online AES-GCM encryption

Why use this AES encryption tool?

AES-GCM (Advanced Encryption Standard – Galois/Counter Mode) is the standard used by governments, banks, and enterprises to protect sensitive data. It provides both confidentiality and authentication.

This tool runs entirely in your browser using the Web Crypto API. No data is sent over the internet: your plaintext and password stay on your machine.

The encryption key is derived from your password via PBKDF2 with 100,000 iterations, making brute-force attacks extremely difficult.

Who uses this tool?

Developers: Test and validate your AES-GCM encryption implementations without relying on command-line tools.
Journalists and whistleblowers: Quickly encrypt sensitive notes or excerpts before sharing, without installing software.
Cybersecurity students: Understand how AES-GCM authenticated encryption works in an interactive and visual way.
IT professionals: Encrypt passwords, tokens, or configuration data before storing or transmitting them.

How to encrypt and decrypt text

Enter the text to encrypt and choose a strong password. Click Encrypt to get the base64-encoded ciphertext.

To decrypt, paste the ciphertext and enter the same password. Click Decrypt.

The salt and initialization vector (IV) are automatically generated and included in the encrypted output.

Frequently asked questions

What is AES-GCM encryption?: AES-GCM combines AES encryption with Galois/Counter Mode. It provides both data confidentiality and integrity through an authentication tag. It's the NIST-recommended mode for authenticated encryption.
Is my text sent over the internet?: No. Encryption and decryption are performed entirely in your browser using the Web Crypto API. No data leaves your device. You can even use this tool offline.
What's the difference between AES-GCM and AES-CBC?: AES-GCM provides authenticated encryption: it automatically detects any modification of the ciphertext. AES-CBC only provides confidentiality and requires a separate HMAC for integrity. AES-GCM is generally faster and more secure.
What is PBKDF2 and why is it used?: PBKDF2 transforms your password into a 256-bit encryption key. The 100,000 iterations deliberately slow the process to make dictionary and brute-force attacks impractical.
What password length is recommended?: Use at least 12 characters with a mix of uppercase, lowercase, numbers, and special characters. The longer and more random your password, the more resistant the encryption will be to attacks.

Understanding AES encryption

How does AES-GCM encryption work?

AES-GCM operates in two phases. First, plaintext is encrypted block by block (128 bits) using Counter mode, which turns AES into a stream cipher. Then, Galois mode computes an authentication tag over the ciphertext and associated data. This tag allows the recipient to verify the message hasn't been tampered with. The combination provides confidentiality, integrity, and authenticity in a single operation.

Why is AES considered secure?

AES was adopted as a NIST standard in 2001 after a rigorous public selection process. With a 256-bit key, it offers 2²⁵⁶ possible combinations, making brute force impossible with current and foreseeable technology. AES is used by government agencies, financial institutions, and TLS/SSL protocols securing the web. No practical attack against AES-256 has been demonstrated to date.

What's the difference between symmetric and asymmetric encryption?

Symmetric encryption (like AES) uses the same key to encrypt and decrypt. It's fast and suited for large data volumes. Asymmetric encryption (like RSA) uses a public/private key pair. In practice, both are combined: asymmetric encryption exchanges the symmetric key, then AES encrypts the data.

Other tools you might like

Word Counter Lorem Ipsum Generator Password Generator JSON Formatter Color Converter Percentage Calculator