This is a Windows Presentation Foundation user interface to the AES encryption standard.
- Select AES key size (128 or 256).
- Select key generation method.
- PBKDF2 generation using a password
- Generation using random bytes.
- Base64 key pasted into box.
- Choose to text mode or file mode.
- Choose data to encrypt.
- Either paste text into left-hand box, or choose a file to encrypt using browse file.
- Click encrypt.
- Select AES key size to match ciphertext AES key size (128 or 256).
- Select Base64 key pasted into box.
- Paste the encryption key into the encryption box.
- Choose text mode or file mode.
- Choose data to encrypt.
- Either paste text into right-hand box, or choose a file to decrypt using browse file.
- Click decrypt.
- On failure to decrypt, error box will pop up.
This implementation pastes the initialization vector of the AES algorithm into the beginning of the ciphertext, where the first 16 bytes (AES-128) or first 32 bytes (AES-256) is the initialization vector used in encrypting.
Note that sending the initialization vector in the clear is cryptographically secure, and initialization vectors should never be reused. Initialization vector generation is built into this implementation.
The key upon generation is encoded as a base 64 number for brevity.
This interface uses the Microsoft reference AES CBC-PCKS7 implementation. CBC is weak to padding oracle attacks. This attack can be prevented by verifying a HMAC of the ciphertext before attempting to decrypt.
This interface uses the RFC-2898 standard Microsoft implementation.