Security
AES Cipher
Runs entirely in your browser · Nothing is sent to our servers
AES-256-GCM encryption with PBKDF2 key derivation. Encrypt and decrypt text with a password.
AES-256-GCM · PBKDF2 key derivation (100,000 iterations, SHA-256) · Random salt + IV per encryption
How it works
AES-256-GCM
Authenticated encryption using a 256-bit key in Galois/Counter Mode. GCM provides both confidentiality and integrity — tampering with the ciphertext is detected automatically. No padding oracle attacks are possible.
PBKDF2 Key Stretching
Your password is run through PBKDF2 with 100,000 SHA-256 iterations. This makes brute-force attacks computationally expensive — each password guess requires 100,000 hash operations.
Random Salt + IV
A fresh 16-byte salt and 12-byte IV are generated for every encryption. The same plaintext encrypted twice produces different ciphertext, preventing pattern analysis.
Base64 Output Format
The output encodes salt (16 bytes) + IV (12 bytes) + ciphertext as a single Base64 string. Everything needed to decrypt is bundled together.
Privacy: all encryption and decryption happens in your browser. Your plaintext and password are never sent to any server.
How it works▾
AES-256-GCM
Authenticated encryption using a 256-bit key in Galois/Counter Mode. GCM provides both confidentiality and integrity — tampering with the ciphertext is detected automatically. No padding oracle attacks are possible.
PBKDF2 Key Stretching
Your password is run through PBKDF2 with 100,000 SHA-256 iterations. This makes brute-force attacks computationally expensive — each password guess requires 100,000 hash operations.
Random Salt + IV
A fresh 16-byte salt and 12-byte IV are generated for every encryption. The same plaintext encrypted twice produces different ciphertext, preventing pattern analysis.
Base64 Output Format
The output encodes salt (16 bytes) + IV (12 bytes) + ciphertext as a single Base64 string. Everything needed to decrypt is bundled together.
Privacy: all encryption and decryption happens in your browser. Your plaintext and password are never sent to any server.