JSONToTable

Loading AES Key & IV Generator...

How to Use the AES Key & IV Generator

Generate strong AES key material in a format that is ready for encryption and decryption workflows.

Step 1

Choose AES Mode

Select the key size based on your use case. AES size and IV handling should align with your implementation and standards like NIST FIPS 197 and SP 800-38A:

-
AES-128: 16-byte key (32 hex characters)
-
AES-256: 32-byte key (64 hex characters)
-
IV is always 16 bytes (32 hex characters) for AES-CBC, AES-GCM, and AES-CTR

Example: Key Size Mapping

AES-128 -> 16 bytes -> 32 HEX chars
AES-256 -> 32 bytes -> 64 HEX chars
IV      -> 16 bytes -> 32 HEX chars
Step 2

Review and Copy Values

Keys and IV values are generated automatically in your browser when the page loads and when you change AES mode using secure random generation from crypto.getRandomValues.

-
Use output format selector to switch between HEX, Base64, or both
-
Copy key and IV independently for your app configuration
-
Download key/IV files if you need to store material temporarily offline

Example: Generated AES-256 Values

key(hex): 4a1f80f6bd8a47de57c2f695f9f9329e65c2289b8cdf8a5df3d0579f3a5a6bf1
iv(hex):  6c85aab3533cb306a9fd35a0c7606f87
Step 3

Use with AES Encryption/Decryption

Use the generated key and IV with your workflow and keep them safe. Reusing the same key/IV pair across unrelated data can reduce security. For storage practices, follow OWASP cryptographic storage guidance.

-
Encrypt data using AES Encryption
-
Decrypt with AES Decryption using the exact same key and IV
-
Never commit production keys to source control or logs
Step 4

Validate Format Before Use

Confirm your target service expects HEX or Base64 before you copy values. Base64 format handling follows RFC 4648. For browser integrations, check Web Crypto API docs.

Frequently Asked Questions

Is this AES key generator secure?

Yes. It uses your browser's Web Crypto API random generator and runs locally in your browser.

What key length should I choose?

AES-256 is generally preferred for new systems. AES-128 is still secure and may be required for compatibility.

Why do I need an IV?

An IV randomizes encryption so identical plaintext does not always produce identical ciphertext.

Can I reuse the same IV?

Reusing IVs is unsafe for many AES modes. Generate a new IV for each encryption operation unless your protocol explicitly handles IV strategy.

Hex or Base64: which format should I use?

Use the format expected by your application. Hex is common in low-level tooling, while Base64 is common in APIs and config files.

Can I use these values directly in your AES tools?

Yes. Use the generated values with our AES encryption and AES decryption tools.

Related Tools

AES Encryption

AES encryptor online - Encrypt text, JSON, and files with AES-128 or AES-256. Support for CBC, GCM, and CTR cipher modes. Military-grade encryption with automatic key generation.

AES Decryption

AES decryptor online - Decrypt AES-encrypted data with AES-128 or AES-256. Support for CBC, GCM, and CTR modes. Restore your encrypted files securely.

AES-GCM Encrypt/Decrypt

Encrypt and decrypt data specifically in AES-GCM mode with AES-128 or AES-256 and Base64 ciphertext output.

AES-CBC Encrypt/Decrypt

Encrypt and decrypt data specifically in AES-CBC mode with AES-128 or AES-256 and Base64 ciphertext output.

AES-CTR Encrypt/Decrypt

Encrypt and decrypt data specifically in AES-CTR mode with AES-128 or AES-256 and Base64 ciphertext output.

PBKDF2 AES Key/IV Generator

Derive AES-128 or AES-256 key and IV from passphrase using PBKDF2-SHA256 with configurable iterations and salt.