AES-256 Encryption Explained for Developers

What Is AES-256?
AES (Advanced Encryption Standard) is the most widely used symmetric encryption algorithm in the world. AES-256 uses a 256-bit (32-byte) key and underpins HTTPS (TLS), file encryption, VPNs, and more.
Symmetric encryption means the same key encrypts and decrypts — unlike RSA, which uses a public/private key pair.
AES Modes of Operation
AES itself only encrypts a single 16-byte block. A mode of operation defines how a message longer than one block is processed, and the choice of mode decides whether the result is actually secure.
ECB — Never Use
ECB encrypts each block independently. Identical plaintext blocks produce identical ciphertext blocks — patterns in the data are preserved. This is a fundamental security flaw.
CBC (Cipher Block Chaining)
CBC XORs each plaintext block with the previous ciphertext block before encrypting it, so identical plaintext blocks no longer produce identical ciphertext. It requires a fresh random IV for every message. CBC provides confidentiality but not integrity: a modified ciphertext decrypts without any error, so it must be paired with a MAC (see below) if used at all.
```javascript
const crypto = require('crypto');

// key: a 32-byte Buffer (AES-256); plaintext: string or Buffer
function encryptCBC(plaintext, key) {
  const iv = crypto.randomBytes(16); // Always use a fresh random IV (16 bytes for AES-CBC)
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  // The IV is not secret, but decryption needs it, so return it with the ciphertext
  return { iv: iv.toString('hex'), ciphertext: encrypted.toString('hex') };
}
```
GCM (Galois/Counter Mode) — Recommended
GCM provides both confidentiality and integrity via an authentication tag: decryption fails outright if the ciphertext, IV, or tag has been altered. Always prefer GCM over CBC for new implementations.
```javascript
const crypto = require('crypto');

function encrypt(plaintext, keyHex) {
  const key = Buffer.from(keyHex, 'hex'); // 32 bytes for AES-256 (64 hex characters)
  const iv = crypto.randomBytes(12); // 12 bytes recommended for GCM; never reuse with the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const authTag = cipher.getAuthTag(); // 16-byte tag; must be stored with the ciphertext
  return {
    iv: iv.toString('hex'),
    ciphertext: encrypted.toString('hex'),
    authTag: authTag.toString('hex'),
  };
}

function decrypt(data, keyHex) {
  const key = Buffer.from(keyHex, 'hex');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(data.iv, 'hex'));
  decipher.setAuthTag(Buffer.from(data.authTag, 'hex')); // must be set before final()
  // final() throws if the ciphertext or tag was modified; never use partial output on error
  return decipher.update(data.ciphertext, 'hex', 'utf8') + decipher.final('utf8');
}
```
Key and IV Management
- Key: Must be exactly 32 bytes of high-entropy random data. Never hard-code keys.
- IV: Must be unique per encryption operation. Never reuse an IV with the same key — in GCM mode, IV reuse completely breaks confidentiality.
- Store the IV alongside the ciphertext — it is not a secret but must be preserved for decryption.
- Derive keys from passwords using a KDF — use PBKDF2, Argon2id, or scrypt:
  ```javascript
  // salt: random (16+ bytes), unique per password, stored alongside the ciphertext
  const key = crypto.pbkdf2Sync(password, salt, 310000, 32, 'sha256');
  ```
Common Mistakes
- Using ECB mode
- Reusing IVs
- Using a password directly as a key without a KDF
- Skipping integrity verification (use GCM, or add an HMAC over the IV and ciphertext if you must use CBC)
Try It Instantly
Use the free AES Encryption/Decryption tool on konvertio.app — supports AES-256-GCM, runs entirely in your browser, and never transmits your data to any server.