Convertful
ImagePDFVideoAudioDocumentSEODeveloperUtilityGuides

Image Tools

  • Compress Image
  • Resize Image
  • Remove Background
  • HEIC to JPG
  • All Image Tools →

PDF Tools

  • Compress PDF
  • Merge PDFs
  • Split PDF
  • PDF to Images
  • All PDF Tools →

Video & Audio

  • MOV to MP4
  • FLAC to MP3
  • Video to GIF
  • All Video Tools →
  • All Audio Tools →

Developer

  • JSON Formatter
  • JWT Decoder
  • Regex Tester
  • SQL Formatter
  • All Developer Tools →

Document & SEO

  • Excel to JSON
  • JSON to Excel
  • All Document Tools →
  • SERP Snippet Preview
  • Robots.txt Generator
  • All SEO Tools →

Utility

  • QR Code Generator
  • Word Counter
  • Color Converter
  • Text Diff
  • All Utility Tools →
All processing happens in your browser. Your files never leave your device.
AboutGuidesTermsPrivacyContact
© 2026 Convertful. All rights reserved.
HomeDeveloperAES Encrypt / Decrypt

AES Encrypt / Decrypt

Encrypt or decrypt text with AES-GCM locally. Free, private, runs in your browser.

100% private — your files and text never leave your browser. All processing happens locally on your device.

Password And KDF

Lost passwords cannot be recovered, and failed decrypts mean the password or package did not authenticate.

Enter plaintext and a password to create an AES-GCM JSON package.

You might also need

HMAC GeneratorGenerate HMAC digests with masked keys
Password GeneratorGenerate secure random passwords instantly
RSA Key GeneratorGenerate RSA key pairs locally with Web Crypto
Base64 Encode / DecodeEncode or decode Base64 strings

Authenticated Encryption Only

AES Encrypt / Decrypt uses AES-GCM with a random IV for every encryption. The output JSON package includes the algorithm, KDF settings, salt, IV, and base64 ciphertext needed for local decryption.

Password-Based Key Derivation

A passphrase is converted into a 256-bit AES key with PBKDF2-SHA-256 and a random salt. The iteration count is visible and adjustable so test packages are understandable and repeatable to decrypt.

Wrong Passwords Fail Clearly

AES-GCM authenticates ciphertext. If the password is wrong or the package was tampered with, decryption fails instead of returning guessed plaintext. Lost passwords cannot be recovered by Convertful.

FAQ

Which AES mode is used?

Convertful uses AES-GCM, an authenticated encryption mode. AES-CBC is not used or offered as the default.

How is the password used?

The password is turned into an AES key with PBKDF2-SHA-256, a random salt, and the iteration count shown in the UI.

Why does the same text encrypt differently each time?

Each encryption uses a fresh random salt and IV, so ciphertext is intentionally different on every run.

What happens with the wrong password?

AES-GCM authentication fails and the tool shows a clear wrong-password or tampered-ciphertext message.

Can Convertful recover my password?

No. Everything runs locally, and lost passwords cannot be recovered.