Rijndael Online Encryption/Decryption
Original AES algorithm supporting variable block sizes and key lengths of 128/192/256 bits, providing more flexible encryption options
Rijndael & AES
AES is a subset of Rijndael (fixed 128-bit block). This tool supports the full Rijndael specification (128/192/256-bit blocks).
About Rijndael Encryption
Rijndael is a symmetric-key block cipher designed by Belgian cryptographers Joan Daemen and Vincent Rijmen. It won the Advanced Encryption Standard (AES) competition and was selected by NIST as the global encryption standard. While AES fixes the block size to 128 bits, the original Rijndael algorithm supports variable block sizes of 128, 192, and 256 bits, providing greater flexibility and potentially higher security for specific applications.
This tool provides a full implementation of the Rijndael algorithm, allowing you to explore configurations beyond the standard AES specification. With 256-bit blocks combined with 256-bit keys, Rijndael can theoretically offer higher security margins against certain types of cryptanalysis compared to standard AES with 128-bit blocks. All operations are performed locally in your browser using JavaScript, ensuring your sensitive data never leaves your device.
Rijndael vs AES
| Feature | Rijndael | AES |
|---|---|---|
| Block Size | 128/192/256 bits | 128 bits |
| Key Length | 128/192/256 bits | 128/192/256 bits |
| Standard | AES prototype | NIST FIPS 197 |
| Flexibility | High | Medium |
Key Features
- Flexible block sizes: supports 128-bit (AES standard), 192-bit, and 256-bit blocks.
- Variable key lengths: fully supports 128-bit, 192-bit, and 256-bit keys.
- Comprehensive mode support: CBC, ECB, CFB, OFB, CTR, and RAW for diverse needs.
- Client-side security: 100% local processing; data is never sent to servers.
Encryption Modes
- CBC: Each plaintext block is XORed with the previous ciphertext block. Requires IV and provides strong security.
- ECB: Each block is encrypted independently. No IV required, but identical plaintext produces identical ciphertext.
- CFB: Cipher Feedback mode, turns the block cipher into a stream cipher. Requires IV.
- OFB: Output Feedback mode, similar to CFB but generates keystream independently. Requires IV.
- CTR: Counter mode, turns the block cipher into a stream cipher. Requires IV.
- RAW: Single-block direct encryption, mainly for teaching and testing.
Mode Comparison
| Mode | Security | IV Required | Parallel Processing | Recommended Use |
|---|---|---|---|---|
| CBC | High | Yes | Decrypt Only | Most common, suitable for general needs |
| ECB | Low | No | Fully Supported | Not recommended - security risks |
| CTR | High | Yes | Fully Supported | High performance, supports streaming |
| CFB | High | Yes | Decrypt Only | Suitable for stream encryption |
| OFB | High | Yes | Not Supported | Suitable for error-tolerant scenarios |
| RAW | N/A | No | Single block | Teaching and testing only |
Block Size & Key Configuration (Rijndael Specific)
Rijndael's unique strength is its support for variable block sizes. The table below shows all supported combinations:
| Block Size | Key Length | Rounds | AES Compatibility | Security | Recommendation |
|---|---|---|---|---|---|
| 128-bit (16 bytes) | 128/192/256-bit | 10/12/14 | Fully compatible | High | Standard AES configuration, recommended for compatibility |
| 192-bit (24 bytes) | 128/192/256-bit | 12/12/14 | Non-standard | Very high | Rijndael-specific, higher collision resistance |
| 256-bit (32 bytes) | 128/192/256-bit | 14/14/14 | Non-standard | Extremely high | Rijndael-specific, maximum security margin |
Block Size Notes:
Larger block sizes can provide stronger resistance against birthday (collision) attacks. A 256-bit block with a 256-bit key theoretically offers higher security margins than standard AES-256. However, non-128-bit blocks are not AES-standard and may not interoperate with typical AES libraries.
Padding Modes Explained
| Padding | Description | Use Cases |
|---|---|---|
| PKCS7 | Pads with N bytes, each byte value equals N (most common standard padding). | Recommended for most scenarios |
| ZeroPadding | Pads with 0x00 up to the block boundary. | May be ambiguous for binary data |
| NoPadding | No padding; input must be an exact multiple of block size. | CTR, CFB, OFB modes |
| ISO10126 | Fills with random bytes, last byte stores the padding length. | Specific security requirements |
| ANSI X.923 | Pads with 0x00, last byte stores the padding length. | Some legacy systems |
References
FAQ
What is the difference between Rijndael and AES?
AES is a subset of Rijndael. The AES standard (FIPS 197) fixes the block size to 128 bits while allowing 128, 192, or 256-bit keys. The original Rijndael design supports block sizes of 128, 192, and 256 bits, independent of key length. This tool lets you use those non-standard block sizes.
Is Rijndael encryption secure?
Yes, extremely secure. Rijndael was chosen as the Advanced Encryption Standard (AES) after 5 years of global cryptanalysis by top experts. When used with standard AES parameters, it is approved to protect top-secret U.S. government information and is the de facto global standard for data encryption.
When should I use a 256-bit block size?
Use 256-bit blocks when interoperating with systems that explicitly require it or when you want higher security margins against birthday/collision-style attacks compared to 128-bit blocks. For maximum compatibility with existing software and libraries, 128-bit blocks (AES mode) are recommended.
What is RAW mode?
RAW mode processes a single block without any padding or chaining mode. It is intended primarily for teaching, debugging core algorithms, or verifying test vectors. It is not recommended for general data or message encryption because it cannot safely handle data longer than one block.
Will my data be sent to a server?
No. This tool is built with a privacy-first architecture. All cryptographic operations (encryption and decryption) are executed locally in your web browser using JavaScript. Your keys, IVs, and plaintext are never transmitted over the internet or stored on our servers.
What is an IV (Initialization Vector)?
An IV (Initialization Vector) is a random value used during encryption to ensure that the same plaintext produces different ciphertext each time. Its length must equal the block size. For Rijndael, 128-bit blocks require a 16-byte IV, 192-bit blocks need 24 bytes, and 256-bit blocks need 32 bytes. The IV does not need to be secret but should be unpredictable (randomly generated).
Why is decryption failing?
Common reasons include: 1) Wrong key – you must use exactly the same key as during encryption; 2) Wrong IV – must match the IV used during encryption; 3) Incorrect ciphertext format – ensure the selected format matches the actual ciphertext; 4) Configuration mismatch – block size, key length, mode, and padding must exactly match the encryption settings.
Which encryption mode should I choose?
For most applications, CBC mode is recommended for its good balance of security and compatibility. For high performance and parallel processing, choose CTR mode. Never use ECB mode for real data since it reveals patterns and is insecure. CFB and OFB are suitable for streaming scenarios. RAW mode is for teaching and testing only.
How do I generate a secure key?
Use the "Generate Key" button in this tool to create cryptographically secure random keys. If you need to derive keys from passwords, use a Key Derivation Function (KDF) such as PBKDF2, bcrypt, or scrypt instead of using the password directly as a key. Always store encryption keys securely and never transmit them over insecure channels.
Can Rijndael interoperate with other AES tools?
Rijndael is fully compatible with standard AES tools only when using a 128-bit block size. When using 192-bit or 256-bit blocks, these are Rijndael-specific options and most standard AES libraries cannot handle them. For interoperability with other systems, always use a 128-bit block size.