Symmetric file encryption converts readable data into ciphertext using a shared secret key, ensuring only parties holding the same key can restore the original content. Algorithms such as AES-GCM and ChaCha20-Poly1305 combine confidentiality with built-in integrity checks, shielding documents from casual inspection, tampering, or accidental disclosure in routine storage scenarios.
The tool lets you select an encryption mode, type a memorable passphrase, and drop any local file onto its client-side engine. It derives a cryptographic key, generates a random nonce or vector, then runs the chosen algorithm to transform the payload. Decryption reverses the process when you provide the correct password, restoring an identical binary.
Use it before emailing sensitive research, archiving legal contracts on shared drives, or transporting backups on removable media, so only authorised recipients can read the contents. Always choose a strong, unique passphrase; weak or reused passwords can nullify encryption and expose data. Consider storing the key in a dedicated password manager to avoid loss or unauthorised reuse.
Modern authenticated encryption algorithms protect confidentiality and integrity in a single operation. AES-GCM combines the Advanced Encryption Standard block cipher with a Galois/Counter mode authentication tag, while ChaCha20-Poly1305 uses a stream cipher followed by a one-time-universal hash for 128-bit security on mobile or low-power devices. Both accept an initialization vector (IV) and secret key, producing ciphertext whose length equals the plaintext plus a fixed authentication tag under normal operating conditions.
k
bytes.Algorithm | Key (bytes) | IV (bytes) | Tag (bytes) |
---|---|---|---|
AES-GCM 128-bit | 16 | 12 | 16 |
AES-GCM 256-bit | 32 | 12 | 16 |
ChaCha20-Poly1305 | 32 | 12 | 16 |
XChaCha20-Poly1305 | 32 | 24 | 16 |
Legacy CryptoJS Ciphers | ≤32 | — | — |
Encrypting a 1 MiB PDF with AES-GCM 256:
The resulting Base 64 text is 1 350 560 characters long and downloads as report.pdf.enc
.
NIST SP 800-38D defines AES-GCM; RFC 8439 standardises ChaCha20-Poly1305; Bernstein’s papers model the security bounds of XChaCha20. Independent analyses confirm 128-bit integrity margins remain sufficient for non-streaming files.
This process handles cryptographic material entirely in the browser, aligning with GDPR and similar regulations on local-only data processing.
Follow this sequence to secure or unlock a file.
No. Every operation occurs in memory; refreshing or closing the tab erases all traces.
AES-GCM 256 offers industry-standard protection; XChaCha20-Poly1305 may perform better on mobile hardware.
Salt deters rainbow-table attacks by ensuring identical passwords produce different keys.
Confirm the algorithm, password, and encoding match the original settings; any mismatch will trigger authentication errors.
Yes. Once the page is loaded, all functions continue without network access.