ChaCha20 Poly1305 (AEAD) Encrypt Decrypt Online

ChaCha20-Poly1305 provides authenticated encryption (confidentiality + integrity).
This runs entirely in your browser.
Do not reuse key+nonce pairs.

Expected: 64 hex chars (32 bytes)

Expected: 24 hex chars (12 bytes)

Counter:

AAD is authenticated but not encrypted. Include protocol headers, filenames, etc.

Characters: 0
Uppercase
Characters: 0

16-byte authentication tag (32 hex characters)

About ChaCha20 Poly1305

ChaCha20-Poly1305 is an authenticated encryption with associated data (AEAD) algorithm. It provides both confidentiality (encryption) and integrity (authentication).

Security Notes

  • ⚠ NEVER reuse the same key+nonce pair for multiple messages
  • ⚠ Keep keys secret and use secure random generation where possible
  • ⚠ Consider a header format for files (nonce + tag + ciphertext)
  • ⚠ Tag verification must pass for successful decryption

How to Use

  1. # Generate or enter a 256-bit key (32 bytes)
  2. # Generate or enter a 96-bit nonce (12 bytes)
  3. # Enter plaintext (or upload a file) and click "Encrypt"
  4. # To decrypt, enter the same key+nonce, paste ciphertext and tag, then click "Decrypt & Verify"

Technical Details

  • ✓ ChaCha20 stream cipher (RFC 7539)
  • ✓ Poly1305 authenticator (RFC 7539)
  • ✓ AEAD construction (RFC 8439)
  • ✓ File and text processing
  • ✓ HEX and Base64 output formats