Why must AES decryption use the same key as encryption?

AES is a symmetric cipher, so decryption only works when the exact same key from the encryption step is used again.

Why do the IV or nonce values also need to match?

CBC, CTR, and GCM all depend on the IV or nonce as part of the encryption state. Using a different value during decryption produces the wrong result or an outright failure.

Why does GCM report an authentication failure?

GCM checks integrity as well as confidentiality. If the key, nonce, or ciphertext does not match perfectly, authentication fails and the output is rejected.

What is the difference between uploading an .enc file and pasting Base64 or Hex?

An uploaded .enc file is processed as raw bytes directly. When you paste text ciphertext instead, you need to choose the correct Base64 or Hex encoding first.

// cryptographic tool v2.0

AES Decipher

CLIENT-SIDE ONLY

WEB CRYPTO API

Switch to Encryption Tool

⚙

Algorithm Configuration

Mode

Key Size

Padding

🔑

Key & IV Material

Secret Key

The hex key needs 64 characters (32 bytes)

IV / Nonce

The hex IV needs 32 characters (CBC/CTR=32, GCM=24)

⬇

Release to load the .enc file

CIPHERTEXT / INPUT

PLAINTEXT / OUTPUT

Decrypted file ready to download

Need encryption?

Ready - enter the key, IV, and ciphertext, then click Decrypt

Algorithm

AES

CBC Mode

Key Strength

256

bits

Security Level

HIGH

Military Grade

Decrypted

bytes this session

🔑

Why do you need a secret key?

AES is a symmetric cipher, so the same key is used for both encryption and decryption. During decryption, the key must match the encryption key exactly; even a one-character difference will cause failure or unreadable output.

The secret key must remain confidential. Anyone who has the key can decrypt the data, and if the key is lost, the encrypted content may be impossible to recover.

🎲

Why is an IV / nonce required?

The IV or nonce must match the value used during encryption exactly, otherwise the decrypted result will be invalid. CBC and CTR use a 16-byte IV (32 hex characters), while GCM uses a 12-byte nonce (24 hex characters).

The IV normally travels with the ciphertext and does not need to stay secret, but if it is missing, proper decryption is no longer possible.

⚙️

The encryption mode must match exactly

The mode selected here must be identical to the one used during encryption, otherwise decryption will fail or produce unreadable output.

CBC is a common block mode that requires an IV. CTR behaves more like a stream and is fast for large data. GCM adds integrity checks, so tampered ciphertext fails immediately.

📏

The key size must match the encryption step

Key size determines the AES round count, and encryption and decryption must use the same key length.

If the wrong key size is selected, key import fails immediately because the key length no longer matches the chosen AES variant.

📦

Padding must match the encryption step

After decryption, the tool removes padding according to the selected scheme. If the padding mode is wrong, the output may end with garbage bytes or fail entirely.

PKCS#7 is the most common choice and removes padding precisely. Zero Padding trims trailing 00 bytes and is only safe when the original length is known.

🔠

Input encoding: what format is the ciphertext in?

The encryption tool outputs encoded text ciphertext. To decrypt it correctly, choose the same encoding so the browser can rebuild the original bytes before running AES decryption.

Base64 uses letters, numbers, and +/=, often with trailing padding. Hex uses 0-9 and a-f with two characters per byte. If you upload a binary .enc file, the encoding choice is ignored automatically.