Online AES Encryption & Decryption

AES (Advanced Encryption Standard) is a widely used symmetric encryption algorithm that ensures the security and confidentiality of data during transmission and storage. It is a symmetric key algorithm, which means the same secret key is used for both encryption and decryption.

AES operates on blocks of data, with the block size being 128 bits. The algorithm uses a variable key length, which can be 128, 192, or 256 bits, depending on the level of security required. The encryption and decryption processes involve several rounds of transformation, including substitution, permutation, and mixing operations, which provide a high level of security.

Encryption algorithm that can operate in various modes, and it often uses an Initialization Vector (IV) and sometimes a salt for added security. Let's break down these concepts

Encryption Algorithms

(a) ECB (Electronic Codebook) Mode: In ECB mode, each plaintext block is independently encrypted using the AES algorithm. However, identical plaintext blocks will produce identical ciphertext blocks, which can lead to patterns in the encrypted data.

(b) GCM (Galois/Counter Mode): GCM is an authenticated encryption mode that combines the counter mode (CTR) with Galois field multiplication for data authentication and integrity.

(c) CFB (Cipher Feedback) Mode: CFB mode is similar to CBC, but instead of XORing the plaintext with the previous ciphertext block, it XORs the plaintext with the previous encrypted block. CFB mode can also be used for data authentication.

(d) OFB (Output Feedback) Mode: OFB mode is similar to CFB, but it generates a keystream that is independent of the plaintext or ciphertext. This keystream is then XORed with the plaintext to produce the ciphertext.

(e) CTR (Counter) Mode: In CTR mode, a counter is encrypted to generate a stream of pseudorandom values. These values are XORed with the plaintext to produce the ciphertext. CTR mode is highly parallelizable and doesn't require padding.

(f) CBC (Cipher Block Chaining) Mode: In CBC mode, each plaintext block is XORed with the previous ciphertext block before encryption. An Initialization Vector (IV) is used for the first block. CBC provides better security than ECB, as it eliminates patterns in the ciphertext caused by identical plaintext blocks.

It's important to choose the appropriate encryption mode based on the specific security and performance requirements of your application. Each mode has its own strengths and weaknesses, and some modes, like GCM and CCM, provide additional features such as authentication and integrity checking.

Initialization Vector (IV):

An IV is a random or pseudo-random value that is used in certain encryption modes (like CBC or CTR) to ensure that the same plaintext, when encrypted multiple times, produces different ciphertexts. The IV is usually combined with the plaintext before encryption.

Salt:

A salt is a random value that is used in password-based encryption (like PBKDF2 or bcrypt) to add uniqueness to the encryption process. It helps protect against dictionary attacks and rainbow table attacks by making sure the same password doesn't always produce the same ciphertext.

PHP

<?php
$data = "Hello, AES!";
$key = "mysecretkey";

$encrypted = openssl_encrypt($data, 'aes-256-cbc', $key, 0, $key);
$decrypted = openssl_decrypt($encrypted, 'aes-256-cbc', $key, 0, $key);

echo "Original: $data\n";
echo "Encrypted: $encrypted\n";
echo "Decrypted: $decrypted\n";
?>

JavaScript

const crypto = require('crypto');

const data = "Hello, AES!";
const key = Buffer.from('mysecretkey');

const cipher = crypto.createCipher('aes-256-cbc', key);
let encrypted = cipher.update(data, 'utf-8', 'hex');
encrypted += cipher.final('hex');

const decipher = crypto.createDecipher('aes-256-cbc', key);
let decrypted = decipher.update(encrypted, 'hex', 'utf-8');
decrypted += decipher.final('utf-8');

console.log(`Original: ${data}`);
console.log(`Encrypted: ${encrypted}`);
console.log(`Decrypted: ${decrypted}`);

Python

from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes

data = "Hello, AES!"
key = b'mysecretkey'

cipher = AES.new(key, AES.MODE_EAX)
nonce = cipher.nonce

ciphertext, tag = cipher.encrypt_and_digest(data.encode())
decipher = AES.new(key, AES.MODE_EAX, nonce=nonce)

decrypted_data = decipher.decrypt_and_verify(ciphertext, tag)
print(f"Original: {data}")
print(f"Encrypted: {ciphertext}")
print(f"Decrypted: {decrypted_data.decode()}")

Java

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import java.util.Base64;

public class AESEncryption {
    public static void main(String[] args) throws Exception {
        String data = "Hello, AES!";
        String keyString = "mysecretkey";

        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey secretKey = new SecretKeySpec(keyString.getBytes(), "AES");

        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        byte[] encryptedBytes = cipher.doFinal(data.getBytes());

        System.out.println("Original: " + data);
        System.out.println("Encrypted: " + Base64.getEncoder().encodeToString(encryptedBytes));

        cipher.init(Cipher.DECRYPT_MODE, secretKey);
        byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
        System.out.println("Decrypted: " + new String(decryptedBytes));
    }
}

AES encryption is widely used in various applications, such as secure communication protocols (e.g., TLS/SSL), file encryption, data storage encryption, and more. It has become the de facto standard for symmetric encryption due to its efficiency and strong security properties.