Secure Notes Encoder

🔐 Encryption Pipeline

Passphrase → PBKDF2-SHA-256 → AES-256 Key → AES-GCM Encrypt → Encode Output

  • Salt: 16 bytes (embedded)
  • IV: 12 bytes (embedded)
  • Auth tag: 16 bytes (GCM)
  • Key size: 256 bits
  • 100% client-side, no server

About This Tool

🔐 Secure Notes Encoder – AES-256-GCM Browser Encryption

The Secure Notes Encoder lets you encrypt personal notes, API keys, passwords, and any sensitive text directly in your browser using AES-256-GCM — the same authenticated encryption standard trusted by TLS, Signal, and modern banking applications. All processing happens locally on your device; no data is ever transmitted to a server.

How Encryption Works

When you click Encrypt, the tool runs a four-step pipeline entirely inside your browser:

  1. Key derivation — Your passphrase is fed into PBKDF2-SHA-256 along with a cryptographically random 16-byte salt and your chosen iteration count. This stretches a short human-readable passphrase into a full 256-bit AES key. The salt prevents pre-computed (rainbow table) attacks.
  2. Encryption — The plaintext is encrypted with AES-256-GCM using a fresh random 12-byte initialization vector (IV). GCM mode adds a 16-byte authentication tag that automatically detects any tampering with the ciphertext.
  3. Packaging — The salt (16 bytes), IV (12 bytes), and ciphertext are concatenated into a single self-contained binary blob. No external parameters need to be stored separately.
  4. Encoding — The binary blob is encoded as Base64, Hex, or Base64-URL so it can safely be copy-pasted into any text field, email, or URL.

Decryption reverses the process: the encoded blob is decoded, the salt and IV are extracted from the first 28 bytes, the AES key is re-derived using your passphrase, and AES-GCM decrypt is called. If the passphrase is wrong or the ciphertext was altered, the GCM authentication tag check fails and an error is shown — no partial or garbled output is returned.
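
The pipeline and blob layout described above, as an added Web Crypto example (not MonoCalc's source code). The function names, sample note and passphrases are constructed for illustration, and Base64 is the only output format shown; decryptNote returns null whenever the GCM tag check fails.

```javascript
// Assumed layout, from the text: salt (16) || IV (12) || ciphertext + 16-byte GCM tag.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto; // browser / Node
const toB64 = (u8) => btoa(Array.from(u8, (b) => String.fromCharCode(b)).join(''));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

async function deriveKey(passphrase, salt, iterations) {
  const material = await wc.subtle.importKey(
    'raw', new TextEncoder().encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

async function encryptNote(plaintext, passphrase, iterations = 100000) {
  const salt = wc.getRandomValues(new Uint8Array(16)); // fresh per note
  const iv = wc.getRandomValues(new Uint8Array(12));   // fresh per encryption
  const key = await deriveKey(passphrase, salt, iterations);
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(plaintext)));
  const blob = new Uint8Array(28 + ct.length);
  blob.set(salt, 0); blob.set(iv, 16); blob.set(ct, 28);
  return toB64(blob);
}

// Resolves to the plaintext, or null on any failure; never partial output.
async function decryptNote(b64, passphrase, iterations = 100000) {
  const blob = fromB64(b64);
  if (blob.length < 28 + 16) return null; // too short to hold salt, IV and tag
  const key = await deriveKey(passphrase, blob.slice(0, 16), iterations);
  try {
    return new TextDecoder().decode(await wc.subtle.decrypt(
      { name: 'AES-GCM', iv: blob.slice(16, 28) }, key, blob.slice(28)));
  } catch { return null; } // GCM tag check failed
}

// Constructed sample input; exercises each failure case named in the text.
async function pipelineDemo() {
  const encoded = await encryptNote('api_key=constructed-sample', 'correct horse');
  const bytes = fromB64(encoded);
  bytes[bytes.length - 1] ^= 1; // flip one bit of the tag
  return {
    length: fromB64(encoded).length, // 16 + 12 + 26 + 16
    roundTrip: await decryptNote(encoded, 'correct horse'),
    wrongPass: await decryptNote(encoded, 'wrong horse'),
    wrongIterations: await decryptNote(encoded, 'correct horse', 99999),
    tampered: await decryptNote(toB64(bytes), 'correct horse'),
  };
}
```

The iteration count is not part of the blob, so a decrypt with a different count fails the same way a wrong passphrase does.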

Choosing an Encoding Format

All three output formats encode exactly the same ciphertext bytes — only the text representation differs:

  • Base64 — most compact (~33% larger than binary), universally supported in emails, databases, and note apps. This is the recommended default.
  • Base64-URL — same as Base64 but replaces + with - and / with _, and omits padding — safe to embed in URLs and query strings without percent-encoding.
  • Hex — each byte becomes two lowercase hexadecimal digits (~100% larger than binary), but it is completely ASCII-safe, human-scannable, and compatible with command-line tools like xxd and openssl.

You must use the same encoding format for both encryption and decryption. The format is not embedded in the output, so keep a note of which format you used.

PBKDF2 Iterations and Security

The iteration count controls how long it takes to derive the AES key from your passphrase. Higher iterations mean an attacker who steals your ciphertext must spend proportionally more time testing each passphrase guess:

  • 100,000 (default) — NIST-recommended minimum for PBKDF2-SHA-256 as of 2023. Derives a key in under a second on modern hardware.
  • 300,000–600,000 — recommended for high-security applications and long-term storage. Adds 1–3 seconds of processing time on typical devices.
  • Below 10,000 — insufficient for protecting data against a determined attacker with modern GPU hardware.

Encoding-Only Mode (No Encryption)

Enable Encoding only in the options panel to convert plaintext to Base64, Hex, or Base64-URL without any AES encryption. This is useful for URL-safe encoding, storing binary data as text, or embedding data in data URIs — but it provides no confidentiality. Anyone can decode Base64 or Hex without a key in milliseconds.

Batch Mode

Enable Batch mode to encrypt or decrypt multiple notes at once — one note per line. Each line is processed independently with the same passphrase and receives a numbered prefix [1] …, [2] … in the output. This is useful for encrypting a list of credentials or API keys in a single pass.

Sharing and Portability

Use Copy Link to generate a URL with the ciphertext embedded in the ?ct= query parameter. When anyone opens that link, the tool pre-fills the ciphertext into the decrypt input automatically — they only need to know the passphrase. The passphrase is never included in the link, so sharing the URL publicly does not compromise the plaintext.

The QR code output is convenient for transferring short ciphertext blobs to a mobile device by scanning. For long ciphertexts (over ~600 characters), use the Download or Copy buttons instead as QR codes have a maximum data capacity.
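
An added example (not MonoCalc's code) of why Base64-URL is the format to use for the ?ct= link described above and under Choosing an Encoding Format: standard Base64 placed unescaped in a query string does not survive URL parsing. The host name, function names and sample bytes are constructed.

```javascript
const b64 = (u8) => btoa(Array.from(u8, (b) => String.fromCharCode(b)).join(''));
const b64url = (u8) =>
  b64(u8).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

function b64urlDecode(s) {
  const std = s.replace(/-/g, '+').replace(/_/g, '/');
  const padded = std + '='.repeat((4 - (std.length % 4)) % 4); // restore padding
  return Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
}

// What the receiving page reads back from ?ct= after URL parsing.
function readCt(rawQueryValue) {
  const url = new URL('https://tool.example/notes?ct=' + rawQueryValue);
  return url.searchParams.get('ct');
}

function queryParamDemo() {
  const bytes = Uint8Array.of(0xfb, 0xff, 0xfe, 0x00); // encodes to '+' and '/'
  const std = b64(bytes);     // "+//+AA=="
  const safe = b64url(bytes); // "-__-AA"
  return {
    std, safe,
    stdRaw: readCt(std),                         // '+' is parsed as a space
    stdEscaped: readCt(encodeURIComponent(std)), // intact, but a longer URL
    safeRaw: readCt(safe),                       // intact with no escaping
    roundTrip: Array.from(b64urlDecode(readCt(safe))),
  };
}
```

A blob altered this way in transit fails the GCM tag check on decrypt, so the symptom is a decryption error even with the correct passphrase.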

Privacy and Security Notes

100% client-side — the Web Crypto API runs entirely in your browser. No plaintext, passphrase, or ciphertext is ever sent to MonoCalc servers or any third party.

While AES-256-GCM is cryptographically strong, the overall security depends on passphrase quality. Use the built-in strength meter and Generate button to create a high-entropy passphrase. Store your passphrase separately from the ciphertext — for example, keep the encrypted blob in a note app and the passphrase in a password manager.

Frequently Asked Questions

Is the Secure Notes Encoder free?

Yes, Secure Notes Encoder is totally free :)

Can I use the Secure Notes Encoder offline?

Yes, you can install the web app as a PWA.

Is it safe to use Secure Notes Encoder?

Yes, any data related to Secure Notes Encoder is stored only in your browser (if storage is required). You can simply clear the browser cache to clear all the stored data. We do not store any data on a server.

How does the Secure Notes Encoder work?

The tool encrypts your text using AES-256-GCM, a military-grade authenticated encryption algorithm. Your passphrase is stretched into a 256-bit key via PBKDF2-SHA-256 with a random salt and configurable iterations. A random IV is generated for each encryption. The salt, IV, and ciphertext are concatenated and then encoded as Base64, Hex, or Base64-URL — all processing happens locally in your browser.

Is my data ever sent to a server?

No. All encryption and decryption is performed entirely in your browser using the built-in Web Crypto API (window.crypto.subtle). No data ever leaves your device and no network requests are made during processing.

What encoding format should I choose?

Base64 is the most compact and widely supported format — ideal for emails and note apps. Base64-URL is safe for use directly in URLs and query strings. Hex (hexadecimal) is more verbose but human-readable and compatible with most cryptographic tools. Use the same format for both encryption and decryption.

How many PBKDF2 iterations should I use?

The default of 100,000 iterations balances security and speed for most purposes. Higher values (up to 600,000) significantly increase brute-force resistance but take more time to process. Avoid values below 10,000 as they offer weak protection against modern attack hardware.

Can I decrypt notes on a different device or browser?

Yes. The salt and IV are embedded in the encrypted output, so you only need the ciphertext blob, the passphrase, the PBKDF2 iteration count, and the same encoding format. Enter these into this tool on any device to recover your original text.

What is the difference between encryption mode and encoding-only mode?

Encoding-only mode (Base64/Hex/Base64-URL) is simple obfuscation — anyone can reverse it without a key. Encryption mode uses AES-256-GCM so that without the correct passphrase the ciphertext cannot be read. Use encryption for sensitive data and encoding-only for lightweight text transformation.