How to Use AES-GCM Encrypt/Decrypt Tool

Use authenticated encryption mode (GCM) for secure encryption and tamper detection.

Step 1

Choose Encrypt or Decrypt

Select the operation in the middle panel. GCM is authenticated encryption and includes tamper detection. See NIST SP 800-38D.

Use Encrypt for plaintext input.
Use Decrypt for Base64 ciphertext input.
Cipher mode is fixed to GCM for authenticated encryption.

Example: Plaintext Payload

{"customer":"CUST-1001","plan":"premium","active":true}

Step 2

Set Key and IV

Provide hex key and IV values or use the regenerate control. Generate secure random values with crypto.getRandomValues.

AES-128 key length: 32 hex chars.
AES-256 key length: 64 hex chars.
IV length: 32 hex chars (16 bytes).

Example: Key/IV Format

key(hex): 4a1f80f6bd8a47de57c2f695f9f9329e65c2289b8cdf8a5df3d0579f3a5a6bf1
iv(hex):  6c85aab3533cb306a9fd35a0c7606f87

Step 3

Copy or Download Result

Use the right panel output for API calls, config values, or secure transfer.

Copy output directly to clipboard.
Download output as `.txt` file.
For generic AES tools, use AES Encryption and AES Decryption.

Step 4

Validate and Export Safely

Keep key, IV, mode, and ciphertext metadata together. Base64 transport should follow RFC 4648 and integration storage should follow OWASP guidance.

Example: Ciphertext Output

q4qEt5Y3QjQh8Cw3Yqxy+3cr0QfAblm8XJt51YvM8Pw2o5E2st6=

Frequently Asked Questions

Why use AES-GCM instead of CBC?

GCM provides authenticated encryption, which means it can detect tampering in addition to encrypting data.

Is this tool browser-side?

Yes. Encryption and decryption run in your browser using Web Crypto APIs.

Why does decryption fail?

AES-GCM decryption fails if the key, IV, AES mode, or ciphertext does not exactly match what was used for encryption.

Can I use generated key/IV from this page elsewhere?

Yes. You can use the same key/IV values in your backend services or other cryptography tools that support AES-GCM.
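
The flow in Steps 1 to 4 and the decryption-failure behaviour from the FAQ, as an added example that is not the tool's own code. It assumes the output is Base64 of the ciphertext with the 16-byte tag appended (what Web Crypto's `encrypt` returns); the function names are hypothetical.

```javascript
// Node fallback so the same Web Crypto code also runs outside a browser.
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto;

const hexToBytes = (hex) => {
  if (!/^([0-9a-f]{2})+$/i.test(hex)) throw new Error("invalid hex string");
  return Uint8Array.from(hex.match(/../g), (b) => parseInt(b, 16));
};
const toBase64 = (bytes) => btoa(String.fromCharCode(...bytes));
const fromBase64 = (b64) => Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));

async function importKey(keyHex) {
  const raw = hexToBytes(keyHex); // 32 hex chars = AES-128, 64 = AES-256
  if (raw.length !== 16 && raw.length !== 32) throw new Error("bad key length");
  return webCrypto.subtle.importKey("raw", raw, "AES-GCM", false, ["encrypt", "decrypt"]);
}

// Assumed output layout: Base64(ciphertext || 16-byte tag), as Web Crypto returns it.
async function encryptGcm(keyHex, ivHex, plaintext) {
  const params = { name: "AES-GCM", iv: hexToBytes(ivHex), tagLength: 128 };
  const data = new TextEncoder().encode(plaintext);
  const out = await webCrypto.subtle.encrypt(params, await importKey(keyHex), data);
  return toBase64(new Uint8Array(out));
}

// Rejects (throws) when the tag does not verify: wrong key, wrong IV, or altered bytes.
async function decryptGcm(keyHex, ivHex, b64) {
  const params = { name: "AES-GCM", iv: hexToBytes(ivHex), tagLength: 128 };
  const out = await webCrypto.subtle.decrypt(params, await importKey(keyHex), fromBase64(b64));
  return new TextDecoder().decode(out);
}

const isRejected = (keyHex, ivHex, b64) =>
  decryptGcm(keyHex, ivHex, b64).then(() => false, () => true);

async function demo() {
  // Page's example values; a real key/IV pair must never encrypt more than one message.
  const key = "4a1f80f6bd8a47de57c2f695f9f9329e65c2289b8cdf8a5df3d0579f3a5a6bf1";
  const iv = "6c85aab3533cb306a9fd35a0c7606f87";
  const msg = '{"customer":"CUST-1001","plan":"premium","active":true}';
  const b64 = await encryptGcm(key, iv, msg);
  const tampered = fromBase64(b64);
  tampered[0] ^= 0x01; // flip one ciphertext bit
  return {
    b64,
    roundTrip: (await decryptGcm(key, iv, b64)) === msg,
    tamperedRejected: await isRejected(key, iv, toBase64(tampered)),
    wrongIvRejected: await isRejected(key, "00".repeat(16), b64),
  };
}
```

A receiver should treat any rejection from `decryptGcm` as "discard the message", not as a prompt to retry with relaxed settings.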