AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode) is a symmetric authenticated encryption algorithm. It is used by TLS 1.3, Signal, and most modern secure systems. The GCM mode adds an authentication tag that detects any modification to the ciphertext.

What is the difference between AES-GCM and AES-CBC?

Both use the same AES block cipher with a 256-bit key. GCM mode is an AEAD (Authenticated Encryption with Associated Data) scheme — it produces an authentication tag alongside the ciphertext so any tampering is detected during decryption. CBC mode does not authenticate, meaning a modified ciphertext may decrypt without error but produce garbage output.

RSA-OAEP is an asymmetric encryption scheme. You generate a keypair: the public key can be shared openly and used to encrypt messages, but only the private key can decrypt them. OAEP (Optimal Asymmetric Encryption Padding) is the secure padding scheme required for RSA encryption.

Can I decrypt on a different device?

Yes. The output contains all the information needed to decrypt — salt, IV, and ciphertext — encoded as Base64. Copy the output, paste it on another device in the Decrypt tab, enter the same password (or private key for RSA), and it will decrypt correctly.

How strong is the password protection?

PBKDF2 with 310,000 SHA-256 iterations (OWASP 2023 recommendation) is used to derive the key. A random 128-bit salt is generated per encryption, preventing rainbow-table attacks. That said, always use a long, random passphrase — the security of symmetric encryption ultimately depends on the strength of your password.

Is this tool free to use?

Yes. All Skybin developer tools are free with no account, API key, or usage limits.

Does my data get sent to a server?

No. Processing runs in your browser whenever possible. Sensitive input never leaves your device unless a tool explicitly fetches a URL you provide (e.g. OG Validator).

Can I use this on mobile?

Yes. The tools work in modern mobile browsers, though a desktop screen is easier for large JSON or PDF workflows.

How is this different from desktop apps?

There is nothing to install or update. Open a bookmarked URL and start working — ideal for quick tasks during development or support calls.

Are there keyboard shortcuts?

Most tools support standard paste (Ctrl+V / Cmd+V) and select-all in text areas. Copy buttons provide one-click output.

Does Skybin store my history?

No. We do not log tool inputs or outputs. Refreshing the page clears in-memory state unless the tool encodes state in the URL.

免费工具

Text Encryptor / Decryptor

Encrypt and decrypt text in your browser using AES-256-GCM, AES-256-CBC, or RSA-OAEP 2048. Password-derived keys via PBKDF2. No data leaves your device.

Algorithm

Password / Passphrase

Key is derived from your password using PBKDF2-SHA256 (310,000 iterations). AES-256-GCM also authenticates the ciphertext — any tampering is detected.

Input

All encryption and decryption runs entirely in your browser using the Web Crypto API — no data is ever sent to any server.

Which algorithm should I use?

AES-256-GCM is the recommended choice for most use cases. It is an authenticated encryption scheme — meaning it both encrypts your data and verifies its integrity, detecting any tampering. AES-256-CBC is a classic choice but lacks built-in authentication. RSA-OAEP is asymmetric — anyone with the public key can encrypt, but only the holder of the private key can decrypt. Use RSA for scenarios like sending a secret to someone without sharing a password.

How are keys derived from passwords?

For AES-GCM and AES-CBC, your password is never used directly as the key. Instead, PBKDF2 with SHA-256 and 310,000 iterations is used to derive a 256-bit key from your password and a random salt. The salt is stored alongside the ciphertext so decryption only requires the password. This means even weak passwords become much harder to brute-force.

Output format

The encrypted output is Base64-encoded and contains the salt, IV (initialisation vector), and ciphertext — everything needed to decrypt it. Simply paste the output back into the Decrypt tab with the same password.

Why use Text Encryptor / Decryptor online?

Text Encryptor / Decryptor in the browser saves context switching: no CLI install, no fragile one-liners, and instant feedback for teammates who do not live in the terminal. It is ideal for debugging, demos, and quick checks during code review.

Tips for best results

Work with a sample payload first, then paste production data. Keep privacy in mind: prefer local browser processing for secrets, tokens, and customer data. Bookmark this page for faster access next time.

How to use

Choose Encrypt or Decrypt tab.
Select an algorithm — AES-256-GCM is recommended.
For AES algorithms: enter a password. For RSA: generate or paste a keypair.
Paste your text and click Encrypt or Decrypt.
Copy the output.
Review the output and use Copy to paste into your editor, ticket, or chat.
Need another utility? Scroll to Related Tools below for Text Encryptor / Decryptor companions on skybin.io.
For a deeper walkthrough, read the linked Skybin blog article at the bottom of this page.

在线工具与终端对比

终端 / CLI	本工具
Install CLI tools or write a one-off script	Open the tool in your browser — no install
Look up flags in man pages or Stack Overflow	Paste input or upload files where supported
Repeat for each file format or edge case	Get instant visual feedback and copy buttons

All encryption runs in your browser using the Web Crypto API — no data is ever sent to any server.

来自 Skybin 博客

Free developer tools from Skybin

在 Skybin 阅读指南

常见问题

What does Text Encryptor / Decryptor do?: Encrypt and decrypt text in your browser using AES-256-GCM, AES-256-CBC, or RSA-OAEP 2048. Password-derived keys via PBKDF2. No data leaves your device.
What is AES-256-GCM?: AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode) is a symmetric authenticated encryption algorithm. It is used by TLS 1.3, Signal, and most modern secure systems. The GCM mode adds an authentication tag that detects any modification to the ciphertext.
What is the difference between AES-GCM and AES-CBC?: Both use the same AES block cipher with a 256-bit key. GCM mode is an AEAD (Authenticated Encryption with Associated Data) scheme — it produces an authentication tag alongside the ciphertext so any tampering is detected during decryption. CBC mode does not authenticate, meaning a modified ciphertext may decrypt without error but produce garbage output.
What is RSA-OAEP?: RSA-OAEP is an asymmetric encryption scheme. You generate a keypair: the public key can be shared openly and used to encrypt messages, but only the private key can decrypt them. OAEP (Optimal Asymmetric Encryption Padding) is the secure padding scheme required for RSA encryption.
Can I decrypt on a different device?: Yes. The output contains all the information needed to decrypt — salt, IV, and ciphertext — encoded as Base64. Copy the output, paste it on another device in the Decrypt tab, enter the same password (or private key for RSA), and it will decrypt correctly.
How strong is the password protection?: PBKDF2 with 310,000 SHA-256 iterations (OWASP 2023 recommendation) is used to derive the key. A random 128-bit salt is generated per encryption, preventing rainbow-table attacks. That said, always use a long, random passphrase — the security of symmetric encryption ultimately depends on the strength of your password.
Is this tool free to use?: Yes. All Skybin developer tools are free with no account, API key, or usage limits.
Does my data get sent to a server?: No. Processing runs in your browser whenever possible. Sensitive input never leaves your device unless a tool explicitly fetches a URL you provide (e.g. OG Validator).
Can I use this on mobile?: Yes. The tools work in modern mobile browsers, though a desktop screen is easier for large JSON or PDF workflows.
How is this different from desktop apps?: There is nothing to install or update. Open a bookmarked URL and start working — ideal for quick tasks during development or support calls.
Are there keyboard shortcuts?: Most tools support standard paste (Ctrl+V / Cmd+V) and select-all in text areas. Copy buttons provide one-click output.
Does Skybin store my history?: No. We do not log tool inputs or outputs. Refreshing the page clears in-memory state unless the tool encodes state in the URL.