Supports both AES-256-CBC (widely compatible) and AES-256-GCM (authenticated encryption). GCM is recommended for new projects as it detects tampering automatically.
Passwords are never used directly as keys. PBKDF2-SHA256 with 100,000 iterations and a random salt derives a secure 256-bit key, protecting against brute-force attacks.
All cryptographic operations use the browser's built-in Web Crypto API — the same engine used for HTTPS. No third-party crypto libraries are loaded.
Your plaintext, ciphertext, and password never leave your device. No analytics, no logging, no server calls of any kind during encryption or decryption.
AES (Advanced Encryption Standard) is the most widely used symmetric encryption algorithm. It encrypts and decrypts data using the same key, making it fast and secure. AES-256 uses a 256-bit key and is approved by NIST for top-secret data.
AES-CBC (Cipher Block Chaining) encrypts blocks sequentially and requires a separate integrity check. AES-GCM (Galois/Counter Mode) is an authenticated encryption mode that provides both confidentiality and integrity in one step, making it the preferred choice for modern applications.
All encryption and decryption runs entirely in your browser using the Web Crypto API — no data is ever sent to a server. However, ensure you use a strong, unique password and keep it secret, as the security of AES depends entirely on key secrecy.
PBKDF2 (Password-Based Key Derivation Function 2) derives a cryptographic key from a human-readable password by applying a hash function many times with a random salt. This makes brute-force attacks significantly harder than using the password directly as a key.