AES Encryption/Decryption Tool
Configuration
AES Encryption/Decryption Online | Advanced Encryption Standard Tool
Online AES encryption tool supporting 128/192/256-bit keys, multiple modes (CBC/ECB/CFB/OFB/CTR/GCM), and various padding methods. Professional cryptography calculator.
AES Knowledge
What is AES?
AES (Advanced Encryption Standard) is currently the most popular symmetric encryption algorithm, designed by Belgian cryptographers Joan Daemen and Vincent Rijmen. It uses a block cipher system with a block size of 128 bits (16 bytes). It supports three key lengths: 128, 192, and 256 bits, requiring 10, 12, and 14 rounds of encryption respectively. Each round includes four steps: SubBytes, ShiftRows, MixColumns, and AddRoundKey. AES's main advantages are high security, good computational efficiency, and low memory requirements.
Operation Modes in Detail
CBC (Cipher Block Chaining) Mode
CBC is one of the most commonly used encryption modes. It divides plaintext into fixed-size blocks, each block is XORed with the previous ciphertext block before encryption. For the first block, an initialization vector (IV) is used for XOR. This chain structure makes each ciphertext block dependent on all previous plaintext blocks, enhancing security. Key features: - Same plaintext blocks produce different ciphertext blocks - Encryption cannot be parallelized, but decryption can - Requires padding - An error in one block affects all subsequent block decryption
ECB (Electronic Codebook) Mode
The most basic encryption mode, directly encrypting plaintext blocks into ciphertext blocks without additional processing. Key features: - Same plaintext blocks produce same ciphertext blocks - Both encryption and decryption can be parallelized - Requires padding - Lower security, not recommended for most scenarios
CFB (Cipher Feedback) Mode
Converts block cipher into stream cipher, allowing bit or byte-level encryption. During encryption, the previous ciphertext block is encrypted (initially using IV), and the result is XORed with current plaintext block. Features: - No padding required - Supports real-time encryption - Error propagation occurs - Encryption cannot be parallelized, but decryption can
OFB (Output Feedback) Mode
Similar to CFB, but the encryption result of the previous ciphertext block is directly used as input for the next block, XORed with plaintext. Features: - No padding required - Same operation for encryption and decryption - Keystream can be generated in advance - No error propagation
CTR (Counter) Mode
Uses incrementing counter values for encryption, XORing the result with plaintext to get ciphertext. Features: - Supports parallel processing - No padding required - Random access supported - High security, but counter values must not repeat
GCM (Galois/Counter Mode)
GCM is a mode of operation for block ciphers that provides both data authenticity and confidentiality. It uses a counter to generate the encryption key stream and a message authentication code (MAC) to ensure data integrity. Key features: - Supports parallel processing - No padding required - Random access supported - High security, but counter values must not repeat
Padding Modes in Detail
PKCS7 Padding
Most commonly used padding method. If n bytes of padding are needed, each byte is filled with the number n. For example, if 3 bytes of padding are needed, it fills: 03 03 03
ISO10126 Padding
Fills with random data except for the last byte. The last byte indicates the number of padding bytes. This method increases security as the padding content is unpredictable
ANSIX923 Padding
Fills with zeros, with the last byte indicating the number of padding bytes. For example, if 3 bytes of padding are needed, it fills: 00 00 03
ISO97971 Padding
First fills with 1, then fills with zeros. This method ensures accurate padding removal
ZeroPadding
Simply fills with zeros up to the block size. This method can be ambiguous, especially when the original text ends with zeros
NoPadding
No padding is performed, requiring data length to be a multiple of the block size. Special attention to data length is needed when using this method