AES Decrypt Online

Mode:Key size:Encoding:

Key (hex — 64 chars)

Combined Ciphertext (IV + ciphertext from AES Encrypt)

Encrypted with AES Encrypt? Match mode, key size, and encoding.

Decrypted Plaintext

Copy

Decrypt AES-encrypted data directly in your browser. Supports AES-GCM (with authentication tag verification), AES-CBC, and AES-CTR with 128, 192, or 256-bit keys. Use “Combined” mode to paste the single combined string from the AES Encrypt tool, or “Separate” for independent IV and ciphertext fields. Your key never leaves your device.

Decryption Checklist

Key: must be the exact key used for encryption (same bytes, hex-encoded)
Mode: must match — AES-GCM ciphertext cannot be decrypted as AES-CBC
Key size: must match — determined by key length (32/48/64 hex chars = 128/192/256-bit)
Encoding: base64 and hex produce different strings for the same bytes — match the encoder
For AES-GCM: the 16-byte authentication tag must be included at the end of the ciphertext

Using Combined vs Separate Mode

Combined: IV is prepended to the ciphertext bytes. The tool automatically splits them using the known IV length for the chosen mode (12 bytes for GCM, 16 for CBC/CTR)
Separate: Paste IV and ciphertext in their own fields. Use this when integrating with other libraries that output them separately (OpenSSL, Node.js, Python)

Decryption Error Meanings

“key must be N hex chars”: Key length doesn't match the selected key size
“Invalid hex / base64”: Check that the encoding matches how the ciphertext was produced
“Combined ciphertext too short”: The pasted data is shorter than one IV block — likely truncated
“operation failed” (GCM only): Auth tag mismatch — wrong key, corrupted data, or wrong mode

Frequently Asked Questions

Why does decryption fail?

The most common causes are: (1) wrong key — even one hex character difference produces a completely different key; (2) wrong mode — AES-GCM, CBC, and CTR produce incompatible outputs; (3) wrong key size — a 64-char hex key is AES-256, 48 is AES-192, 32 is AES-128; (4) wrong encoding — if the ciphertext was produced in hex, select hex here; (5) for AES-GCM, the authentication tag verification failed — the ciphertext was modified or corrupted.

What is "Combined" vs "Separate IV + Ciphertext"?

"Combined" mode expects the IV and ciphertext packed into a single string (IV bytes first, followed by ciphertext bytes). This is the format produced by the AES Encrypt tool. "Separate" mode lets you paste the IV and ciphertext independently — useful when you received them from a different tool or system that outputs them separately.

Can I decrypt data from other AES tools or libraries?

Yes, as long as you know the key, mode, IV, and encoding. For example, data encrypted with Node.js crypto.createCipheriv("aes-256-gcm", key, iv) can be decrypted here by selecting AES-GCM, pasting the hex key, and using Separate mode with the IV and ciphertext separately. Note: for AES-GCM in Node.js, the auth tag must be appended to the ciphertext bytes before pasting here.

How many hex characters is a 256-bit key?

256 bits = 32 bytes = 64 hex characters. A 128-bit key is 16 bytes = 32 hex characters. A 192-bit key is 24 bytes = 48 hex characters. Hex encodes each byte as two characters (00–ff).

What happens to my data when I decrypt?

Nothing is transmitted anywhere. Decryption happens entirely in your browser using the Web Crypto API. Your key and ciphertext only exist in your browser's JavaScript memory during the operation. Close the tab when done if you are on a shared computer.

Does AES-GCM decryption authenticate the data?

Yes. AES-GCM decryption automatically verifies the authentication tag. If the ciphertext or tag has been modified in any way, decryption fails with an error — this is a feature, not a bug. It means you can trust that a successful decryption guarantees the data was not tampered with.