Logo

MonoCalc

/

AES Key Generator

Encode/Decode
Client-side only
All keys are generated locally in your browser using the Web Crypto API. No key material is ever sent to any server.

About This Tool

🔐 AES Key Generator – Create Secure Encryption Keys Instantly

The AES Key Generator produces cryptographically secure random symmetric keys for the Advanced Encryption Standard (AES) algorithm — entirely in your browser, with zero server interaction. Whether you need a key for AES-CBC, AES-GCM, or AES-CTR, this tool generates production-ready keys in seconds.

What Is an AES Key?

An AES key is a fixed-length sequence of random bytes used to encrypt and decrypt data. AES supports three standardized key lengths: 128-bit (16 bytes), 192-bit (24 bytes), and 256-bit (32 bytes). The key must be kept secret — anyone who holds the key can decrypt the data.

AES is a symmetric cipher, meaning the same key is used for both encryption and decryption. This is different from asymmetric systems like RSA, which use separate public and private keys. AES is used in TLS/HTTPS, Wi-Fi (WPA3), file encryption tools (e.g., VeraCrypt), cloud storage, and virtually every secure communication protocol.

Key Size Comparison

Key SizeBytesSecurity LevelUse Case
128-bit16~equivalent to RSA-3072Performance-critical apps, IoT
192-bit24Between 128 and 256Rarely used in practice
256-bit ✓32~equivalent to RSA-15360High-security, long-term storage

For new systems, AES-256 is the recommended choice. It provides the highest security margin and is the standard for protecting classified government information under NIST FIPS 197.

How Key Generation Works

This tool uses the Web Crypto API built into all modern browsers — specifically crypto.subtle.generateKey() — to generate keys using the operating system's cryptographically secure random number generator (CSPRNG). This is the same entropy source used by OpenSSL, Node.js crypto, and native OS APIs like/dev/urandom on Linux.

// Web Crypto API — random AES-256 key
const key = await crypto.subtle.generateKey(
  { name: "AES-GCM", length: 256 },
  true,           // extractable
  ["encrypt", "decrypt"]
);
const raw = await crypto.subtle.exportKey("raw", key);

Output Formats

Generated keys can be exported in three common formats:

  • Hexadecimal — a string of hex digits (0–9, a–f), 64 characters for a 256-bit key. Common in configuration files, environment variables, and cryptographic protocols.
  • Base64 — compact ASCII encoding, 44 characters for a 256-bit key. Widely used in JWTs, PEM files, and API authentication headers.
  • Binary — space-separated bit strings for each byte. Useful for educational purposes or low-level debugging.

The tool also shows both Hex and Base64 simultaneously, so you can copy whichever format your library or framework expects without running additional conversions.

PBKDF2 Passphrase-Based Derivation

When you need to derive a key deterministically from a passphrase (so the same passphrase always yields the same key), use the PBKDF2 mode. PBKDF2 (Password-Based Key Derivation Function 2) is defined in RFC 8018 / NIST SP 800-132 and is implemented natively in the Web Crypto API.

You provide a passphrase, a random salt (at least 16 bytes recommended), an iteration count (≥ 600 000 for SHA-256 per current NIST guidance), and a hash algorithm. The higher the iteration count, the more computationally expensive it becomes to brute-force the passphrase, at the cost of slightly longer derivation time.

Important: Unlike random generation, the security of a PBKDF2-derived key depends entirely on passphrase strength. Use a long, random passphrase (e.g., a 5-word passphrase or a randomly generated string ≥ 20 characters).

Understanding Shannon Entropy

Shannon entropy measures how uniformly distributed the byte values in a key are, on a scale of 0.0 to 8.0 bits per byte. A perfect random key has a score close to 8.0. Low entropy indicates that some byte values appear much more frequently than others, which can weaken the cryptographic properties of the key.

Keys generated by this tool consistently score between 7.7 and 8.0 due to the CSPRNG used by Web Crypto API. The Inspect tab lets you verify the entropy of any existing key you provide.

Key Fingerprint for Identification

The tool computes a SHA-256 fingerprint of every generated key — the first 16 hex characters of the hash, prefixed with sha256:. The fingerprint uniquely identifies a key without revealing any of its bytes. You can use fingerprints to:

  • Verify that two parties hold the same key
  • Track which key version was used to encrypt a dataset
  • Audit key rotation logs without exposing key material

Security Best Practices

  • Never share generated keys via email, chat, or plain HTTP.Always use encrypted channels (e.g., TLS, encrypted messaging).
  • Store keys in a secrets manager such as AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, or GCP Secret Manager. Never hard-code keys in source code or commit them to version control.
  • Rotate keys periodically, especially after a suspected breach. Retain old keys only long enough to decrypt existing data, then destroy them securely.
  • Use a different key for each environment (development, staging, production). Never reuse production keys in test environments.
  • For AES-GCM, never reuse the same (key, IV) pair. Generate a fresh random 12-byte nonce for every encryption operation.

Frequently Asked Questions

Is the AES Key Generator free?

Yes, AES Key Generator is totally free :)

Can I use the AES Key Generator offline?

Yes, you can install the webapp as PWA.

Is it safe to use AES Key Generator?

Yes, any data related to AES Key Generator only stored in your browser (if storage required). You can simply clear browser cache to clear all the stored data. We do not store any data on server.

How does this AES Key Generator work?

The tool uses the Web Crypto API built into all modern browsers to generate cryptographically secure random AES keys entirely on your device. Keys are never transmitted to any server. You can choose 128-bit, 192-bit, or 256-bit lengths and export in Hex, Base64, or Binary format.

What is the difference between 128-bit, 192-bit, and 256-bit AES keys?

All three are considered secure against brute-force attacks with current technology. AES-128 uses a 16-byte key and is slightly faster; AES-192 uses 24 bytes and is rarely used in practice; AES-256 uses a 32-byte key and is recommended for high-security applications and long-term data protection. NIST recommends AES-256 for classified information.

What is PBKDF2 key derivation and when should I use it?

PBKDF2 (Password-Based Key Derivation Function 2) derives a deterministic AES key from a human-readable passphrase and a random salt. Use it when you need the same key to be reproducible from a known passphrase (e.g., encrypted file vaults). For random keys that don't need to be reproduced, use the standard random generation mode instead.

What is Shannon entropy and why does it matter for AES keys?

Shannon entropy measures how random the bytes in a key are, expressed as bits per byte (max 8.0). A truly random key should score between 7.5 and 8.0. A lower score indicates patterns or repetition in the key bytes, which could weaken encryption. Keys generated by this tool using the Web Crypto API consistently achieve near-maximum entropy.

Is it safe to use this tool to generate production keys?

Yes — the tool uses `crypto.subtle.generateKey()` from the browser's Web Crypto API, which is a FIPS 140-2 compliant cryptographically secure random number generator. All operations run client-side in your browser and no key material is ever sent to a server. However, always store generated keys in a proper secrets manager (e.g., AWS Secrets Manager, HashiCorp Vault) and never hard-code them in source code.

What is a key fingerprint and how is it used?

A key fingerprint is the SHA-256 hash of the raw key bytes, displayed as a short hex string. It acts as a unique identifier for the key without revealing the key itself. You can use fingerprints to verify that two parties hold the same key or to track which key version was used to encrypt a particular piece of data — similar to how SSH uses fingerprints to identify host keys.