AES Decrypt

Decrypt AES-256-GCM encrypted data — compatible with the AES Encrypt tool output.

About AES Decryption

This tool decrypts data encrypted by the AES Encrypt tool using AES-256-GCM or AES-256-CBC with PBKDF2-SHA256 key derivation. The Base64-encoded ciphertext contains the salt (16 bytes), IV (12 or 16 bytes), and the encrypted data combined — the decryptor automatically extracts these components.

If the wrong password is provided, AES-GCM mode will fail with an authentication error (the GCM authentication tag does not match), detecting both incorrect passwords and any tampering with the ciphertext. This authenticated failure provides security against padding oracle attacks that affect CBC mode.

FAQ

Why does decryption fail with the correct password?
Possible reasons: the ciphertext was encrypted with a different mode (GCM vs CBC), the ciphertext was modified or corrupted during transmission, extra whitespace was added, or a different PBKDF2 iteration count was used. Ensure mode matches exactly.

Related Tools

AES EncryptSecurity ToolsHMAC GeneratorSecurity ToolsBase64 DecodeSecurity ToolsHash CheckerSecurity ToolsPassword GeneratorSecurity Tools