Gerador de Chave de Criptografia AES
Guia
Gerador de Chave de Criptografia AES
Generate cryptographically secure AES encryption keys in 128, 192, or 256-bit sizes, in either hexadecimal or Base64 format. Produce up to 10 keys at once for AES-CBC, AES-GCM, AES-CTR, or any AES mode. All keys are generated using the browser’s crypto.getRandomValues() API integrada do navegador para aleatoriedade verdadeira.
Como usar
Select your AES key size (128, 192, or 256 bits), choose your preferred AES mode for context, pick the output format (hex or Base64), and set how many keys to generate. Click Gerar to produce your keys instantly. Each key can be copied individually.
Características
- 3 key sizes – 128-bit (16 bytes), 192-bit (24 bytes), 256-bit (32 bytes)
- All AES modes – GCM, CBC, CTR, CFB, OFB, ECB (for context labelling)
- Dual output format – hexadecimal or Base64
- Geração em lote – gere de 1 a 10 chaves por vez
- Criptograficamente seguro – usa
crypto.getRandomValues() - Somente no lado do cliente – keys are never transmitted
Perguntas frequentes
-
What is the difference between AES-128, AES-192, and AES-256?
AES-128, AES-192, and AES-256 refer to the key lengths in bits — 128, 192, and 256 respectively. All three use the same block cipher algorithm on 128-bit blocks but differ in the number of rounds: 10, 12, and 14 rounds respectively. AES-256 offers the highest security margin but is about 40% slower than AES-128. For most applications, AES-128 with a strong random key is considered secure.
-
What is the difference between AES-GCM and AES-CBC?
AES-GCM (Galois/Counter Mode) is an authenticated encryption mode that provides both confidentiality and integrity/authenticity in a single operation, producing a ciphertext and an authentication tag. AES-CBC (Cipher Block Chaining) provides only confidentiality and requires a separate MAC (e.g., HMAC) for integrity. AES-GCM is preferred in modern protocols like TLS 1.3 because it is faster in hardware and avoids padding oracle vulnerabilities.
-
Why should AES keys be generated with a CSPRNG?
AES security depends entirely on the key being unpredictable. A Cryptographically Secure Pseudo-Random Number Generator (CSPRNG) like
crypto.getRandomValues()produces output that is computationally indistinguishable from true randomness, making exhaustive key search infeasible. UsingMath.random()or time-based seeds produces predictable keys that can be cracked trivially. -
How should AES keys be stored securely?
AES keys should never be stored in source code, environment variables in plain text, or version control. Use a dedicated secrets manager (AWS KMS, HashiCorp Vault, Azure Key Vault) for key storage. For long-lived data, use envelope encryption: encrypt data with a data encryption key (DEK), then encrypt the DEK with a key encryption key (KEK) stored in the KMS. Rotate keys regularly and audit all key access.
Instale nossas extensões
Adicione ferramentas de IO ao seu navegador favorito para acesso instantâneo e pesquisa mais rápida
恵 O placar chegou!
Placar é uma forma divertida de acompanhar seus jogos, todos os dados são armazenados em seu navegador. Mais recursos serão lançados em breve!
Ferramentas essenciais
Ver tudo Novas chegadas
Ver tudoAtualizar: Nosso ferramenta mais recente foi adicionado em 26 de março de 2026
Envolver-se
Ajude-nos a continuar fornecendo ferramentas gratuitas valiosas
