Encryption Playground: AES-256-GCM Encrypt/Decrypt Online

AES-GCM (Galois/Counter Mode) is a symmetric encryption algorithm that:

• Encrypts — scrambles plaintext so only someone with the key can read it.
• Authenticates — verifies the data hasn't been tampered with.
• 256-bit key — extremely strong (2^256 possible keys).

AES-GCM is used in: - TLS/HTTPS (your browser uses it). - File encryption tools (7-Zip, VeraCrypt). - Password managers (1Password, Bitwarden).

Symmetric (AES-GCM) — same key encrypts and decrypts. Fast, but both parties need the key.

Asymmetric (RSA) — public key encrypts, private key decrypts. Slower, enables key exchange.

For this playground, we use symmetric: you encrypt with a passphrase, decrypt with the same passphrase.

1. Raw key mode — Provide a 32-byte hex key (256 bits). Use for deterministic encryption. 2. Passphrase mode — Enter a password. PBKDF2-SHA256 derives a 256-bit key, then encrypts.

The output is a JSON bundle:

`json { "ciphertext": "...", "iv": "...", "tag": "..." } `

Share this bundle; decrypt by pasting it back with the same passphrase.

1. Type or paste plaintext. 2. Choose mode: raw key or passphrase. 3. Encrypt. Output is a JSON bundle. 4. Share safely — paste the JSON to someone. 5. Decrypt — they paste the JSON and enter your passphrase.

• Learning — understand how encryption works.
• Quick encryption — share sensitive data via email (encrypted, not plaintext).
• Testing — verify encryption/decryption in applications.
• Not for production — use dedicated security libraries and key management.