Cryptography Tools

Selected option: Symmetric Encryption (AES-CBC)

What It Does

Encrypts and decrypts data using AES-CBC (Cipher Block Chaining) mode.

How to Use It

  1. Select “Encrypt” or “Decrypt” mode.
  2. Enter the plaintext or ciphertext.
  3. Enter or generate an encryption key (128, 192, or 256 bits).
  4. Provide or auto-generate an IV (initialization vector).
  5. Click “Encrypt” or “Decrypt”.

Options Explained

Option            Description
Key size          128, 192, or 256 bits — 256-bit is recommended
Key encoding      Hex, Base64, or UTF-8
IV                16-byte initialization vector — must be unique per encryption
Output encoding   Hex or Base64 for the ciphertext

Tip: CBC provides confidentiality but does not verify ciphertext integrity. An attacker can modify ciphertext without detection. For production systems requiring both confidentiality and authentication, use AES-GCM.

⚠️ Important: Never reuse the same IV with the same key. Generate a new random IV for each encryption operation.

Padding scheme

PKCS#7 padding automatically pads the plaintext to a multiple of the block size (recommended)

About AES-CBC Mode:

  • CBC (Cipher Block Chaining) provides confidentiality by chaining blocks together using an IV.
  • Unlike ECB, CBC does not reveal patterns because each block depends on previous blocks.
  • Limitation: CBC does not provide authentication or integrity protection - ciphertext can be modified without detection.
  • For authenticated encryption, use AES-GCM, or combine CBC with HMAC (encrypt-then-MAC).
  • IV Requirements: Must be random and unique for each encryption. The IV does not need to be secret, but must never be reused with the same key.
  • Use 32-byte keys (AES-256-CBC) for maximum security in modern applications.

About AES-CBC Encryption

AES-CBC (Cipher Block Chaining) encrypts each 16-byte plaintext block by first XOR-ing it with the previous ciphertext block (or the initialization vector for the first block) before applying AES encryption. This chaining eliminates the pattern leakage inherent in ECB mode, because identical plaintext blocks produce different ciphertext when their position or context differs.

A random, unpredictable Initialization Vector (IV) is essential for every encryption operation. The IV does not need to be secret, but it must never be reused with the same key. Reusing an IV leaks the XOR of the first plaintext blocks, weakening confidentiality. CBC also requires PKCS #7 padding to align the plaintext to the 16-byte block boundary.
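
The chaining and padding described in the two paragraphs above, written out by hand with Node.js's built-in crypto module and checked against the library's own AES-256-CBC (an added example, not this tool's code; the key, IV and messages are constructed). It also shows what a reused IV exposes: messages that begin with the same 16 bytes produce the same first ciphertext block.

```javascript
// Added example, not the tool's code. Sample key, IV and messages are constructed.
const crypto = require('node:crypto');
const BLOCK = 16; // AES block size in bytes

// PKCS#7: append n bytes of value n (1..16) so the length is a multiple of 16.
const pkcs7Pad = (buf) => {
  const n = BLOCK - (buf.length % BLOCK);
  return Buffer.concat([buf, Buffer.alloc(n, n)]);
};

// One raw AES-256 block encryption (ECB over exactly 16 bytes, padding off).
function aesBlock(key, block) {
  const c = crypto.createCipheriv('aes-256-ecb', key, null);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(block), c.final()]);
}

// CBC by hand: C_i = AES_K(P_i XOR C_{i-1}), with C_0 = IV.
function cbcEncryptManual(key, iv, plaintext) {
  const padded = pkcs7Pad(plaintext);
  const blocks = [];
  let prev = iv;
  for (let off = 0; off < padded.length; off += BLOCK) {
    const x = Buffer.alloc(BLOCK);
    for (let i = 0; i < BLOCK; i++) x[i] = padded[off + i] ^ prev[i];
    prev = aesBlock(key, x);
    blocks.push(prev);
  }
  return Buffer.concat(blocks);
}

// Reference: the library's AES-256-CBC (PKCS#7 padding is its default).
function cbcEncryptLibrary(key, iv, plaintext) {
  const c = crypto.createCipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([c.update(plaintext), c.final()]);
}

// Count identical leading 16-byte blocks in two ciphertexts.
function commonLeadingBlocks(a, b) {
  let n = 0;
  const blk = (buf, i) => buf.subarray(i * BLOCK, (i + 1) * BLOCK);
  while ((n + 1) * BLOCK <= Math.min(a.length, b.length) && blk(a, n).equals(blk(b, n))) n++;
  return n;
}

const key = crypto.randomBytes(32), iv = crypto.randomBytes(16);
const msgA = Buffer.from('ACCOUNT=00012345;AMOUNT=100'); // same first 16 bytes as msgB
const msgB = Buffer.from('ACCOUNT=00012345;AMOUNT=999');
console.log('manual == library:', cbcEncryptManual(key, iv, msgA).equals(cbcEncryptLibrary(key, iv, msgA)));
```

With a fresh random IV for the second message, `commonLeadingBlocks` on the two ciphertexts returns 0 instead of 1.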

CBC provides confidentiality but not integrity or authenticity. An attacker can manipulate ciphertext blocks to produce controlled changes in the decrypted plaintext (padding-oracle attacks). Modern best practice is to combine CBC with HMAC in an encrypt-then-MAC construction, or to use AES-GCM which provides built-in authentication.
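
An encrypt-then-MAC wrapper around AES-256-CBC with HMAC-SHA256, next to plain CBC receiving the same modified message (an added example using Node.js's built-in crypto module, not this tool's code). The envelope layout IV || ciphertext || tag, the function names and the sample message are assumptions.

```javascript
// Added example, not the tool's code. Keys and message are constructed sample values.
const crypto = require('node:crypto');
const IV_LEN = 16, TAG_LEN = 32; // assumed envelope layout: IV || ciphertext || HMAC-SHA256 tag

const mac = (macKey, iv, ct) =>
  crypto.createHmac('sha256', macKey).update(iv).update(ct).digest();

// Encrypt, then MAC the IV and ciphertext with a second, independent key.
function seal(encKey, macKey, plaintext) {
  const iv = crypto.randomBytes(IV_LEN); // fresh random IV for every message
  const c = crypto.createCipheriv('aes-256-cbc', encKey, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, ct, mac(macKey, iv, ct)]);
}

function split(envelope) {
  if (envelope.length < IV_LEN + 16 + TAG_LEN) throw new Error('envelope too short');
  const end = envelope.length - TAG_LEN;
  return [envelope.subarray(0, IV_LEN), envelope.subarray(IV_LEN, end), envelope.subarray(end)];
}

// Verify the tag in constant time BEFORE decrypting; decrypt only if it matches.
function unseal(encKey, macKey, envelope) {
  const [iv, ct, tag] = split(envelope);
  if (!crypto.timingSafeEqual(tag, mac(macKey, iv, ct))) throw new Error('authentication failed');
  const d = crypto.createDecipheriv('aes-256-cbc', encKey, iv);
  return Buffer.concat([d.update(ct), d.final()]);
}

// Plain CBC for comparison: ignores the tag and decrypts whatever arrives.
function openUnauthenticated(encKey, envelope) {
  const [iv, ct] = split(envelope);
  const d = crypto.createDecipheriv('aes-256-cbc', encKey, iv);
  return Buffer.concat([d.update(ct), d.final()]);
}

// One bit changes in transit: plain CBC returns altered text, encrypt-then-MAC refuses.
function tamperCheck() {
  const encKey = crypto.randomBytes(32), macKey = crypto.randomBytes(32);
  const envelope = seal(encKey, macKey, Buffer.from('invoice #1001 ok'));
  const modified = Buffer.from(envelope);
  modified[0] ^= 0x01;
  let rejected = false;
  try { unseal(encKey, macKey, modified); } catch (e) { rejected = e.message === 'authentication failed'; }
  return { plainCbc: openUnauthenticated(encKey, modified).toString(), rejected,
    intact: unseal(encKey, macKey, envelope).toString() };
}
console.log(tamperCheck());
```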

Common Use Cases

  • Legacy TLS (TLS 1.0–1.2) cipher suites still in widespread use
  • Encrypting data at rest in systems that predate AEAD adoption
  • OpenSSL command-line file encryption (default mode for many years)
  • Disk and volume encryption in older full-disk encryption tools
  • Interoperability with enterprise and banking protocols requiring CBC
  • Decrypt-and-verify workflows using encrypt-then-MAC with HMAC

What Is AES-CBC?

AES-CBC (Advanced Encryption Standard — Cipher Block Chaining) is a symmetric block cipher mode that encrypts data in 128-bit blocks. Each plaintext block is XORed with the previous ciphertext block before encryption, creating a chain that ensures identical plaintext blocks produce different ciphertext — unlike ECB mode. An initialization vector (IV) seeds the first block and must be random and unique for every encryption operation (but does not need to be secret). AES-CBC provides confidentiality but not integrity; for tamper detection, combine it with HMAC (encrypt-then-MAC) or use an authenticated mode like AES-GCM instead.

Frequently Asked Questions

Does the IV need to be secret?

No. The IV must be unpredictable (random) and unique for each encryption, but it can be stored or transmitted alongside the ciphertext. Reusing an IV with the same key can leak information about the plaintext.

Why is AES-GCM recommended over AES-CBC?

AES-GCM provides both encryption and authentication in a single operation (AEAD), automatically detecting any tampering. AES-CBC only provides confidentiality — you must add a separate MAC to detect modifications, which is error-prone.

What key sizes does AES-CBC support?

AES supports 128-bit, 192-bit, and 256-bit keys. Longer keys provide a larger security margin but are slightly slower. AES-256 is the most common choice for high-security applications.

Is my data sent to a server?

No. All encryption and decryption runs locally in your browser. No plaintext, keys, or ciphertext leave your device.

All operations are performed entirely in your browser. No plaintext, keys, or ciphertext are transmitted to any server.