Generate a cryptographically secure random AES key (128, 192, or 256-bit) and a fresh IV, shown in hex and Base64. Created locally with WebCrypto.
How to use the AES key generator
Choose a key size (128, 192, or 256-bit).
Press Generate.
Copy the key (hex or Base64) and the IV into your encryption tool.
Using these values
An AES key is raw random bytes — not a password — so it must be generated by a secure random source, which is exactly what your browser's WebCrypto does here, locally and without sending anything. AES-256 is the common default; AES-128 is also genuinely strong. The IV/nonce makes each encryption unique: use a fresh one for every message under the same key, and never reuse it (especially with AES-GCM). The hex and Base64 forms are the same key in two notations — use whichever your library expects. Store the key in a secrets manager or keychain, never in source control.
An AES key is a string of random bits (128, 192, or 256) used by the AES cipher to encrypt and decrypt data. The same key locks and unlocks, so it is a shared secret that must be kept private and matched on both ends.
AES-128 is already infeasible to brute force and plenty for almost everything. AES-256 adds margin, including against hypothetical future attacks, for a tiny performance cost. Many standards mandate 256, so use it when in doubt; either is genuinely strong.
An IV (initialization vector) or nonce is a random value that makes each encryption unique, so identical plaintext under the same key produces different ciphertext. Reusing one with the same key, especially in GCM, can leak data and break the security entirely.
A key is raw random bytes with full entropy, generated by a machine. A password is a memorable string people choose, which has far less entropy. To turn a password into a key you must stretch it with a function like PBKDF2, Argon2, or scrypt.
Your browser's WebCrypto getRandomValues, a cryptographically secure random generator, produces the bytes locally. The key is created on your device and never transmitted. vpn.golf never sees it and keeps no logs, so nothing is stored or linked to you.
GCM is an authenticated mode that both encrypts and detects tampering, and it is the modern default. CBC only encrypts and needs a separate integrity check (an HMAC) or it is vulnerable to attacks. Prefer GCM unless a system forces CBC.
Store the key in a secrets manager, an OS keychain, a hardware security module, or environment variables outside source control. Never commit it to a repo, email it, or hardcode it. Treat it as the most sensitive value in your system.
AES cannot be brute-forced in practice. A 128-bit key has 2 to the 128th possibilities, far beyond any current or foreseeable computer to search. Real breaches come from leaked keys, weak key derivation, or reused IVs, not from breaking AES itself.
Hex and Base64 are the same key in two notations. Use whichever your library or config expects: hex is common in code and easy to read, Base64 is shorter for storage and transport. Do not feed one format where the other is expected.
You do not necessarily need a new key for every message, but you do need a fresh, unique IV or nonce for every encryption under the same key. One long-lived key with per-message IVs is normal; what is dangerous is reusing the IV, not reusing the key.
Generating a key in the browser is safe when generation is local and uses WebCrypto, as here, since the key never leaves your device. For the most sensitive keys, generate on a trusted machine free of malware or clipboard loggers, since a compromised endpoint can capture anything.
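The two points above (one key in two notations, and a fresh IV per message) shown as an added example; this is not the tool's own code. The function names, the 12-byte GCM nonce length and the sample message are assumptions made for the illustration.

```javascript
// Added example: all names and the sample message are constructed for illustration.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;

const toHex = (b) => Array.from(b, (x) => x.toString(16).padStart(2, '0')).join('');
const toB64 = (b) => btoa(String.fromCharCode(...b));
const fromHex = (s) => {
  if (!/^([0-9a-fA-F]{2})+$/.test(s)) throw new Error('not a hex string');
  return Uint8Array.from(s.match(/../g), (h) => parseInt(h, 16));
};
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Raw key material straight from the CSPRNG: bits/8 random bytes, no password involved.
function generateKey(bits) {
  if (![128, 192, 256].includes(bits)) throw new Error('AES keys are 128, 192 or 256 bits');
  const raw = wc.getRandomValues(new Uint8Array(bits / 8));
  return { raw, hex: toHex(raw), b64: toB64(raw) };
}

// Decode a stored key and insist on the size the caller expects. Without this check a
// 128-bit key in hex (32 chars) parsed as Base64 gives 24 bytes, a valid AES-192 length.
function loadKey(text, format, bits) {
  const raw = format === 'hex' ? fromHex(text) : fromB64(text);
  if (raw.length * 8 !== bits) throw new Error(`expected ${bits}-bit key, got ${raw.length * 8}`);
  return raw;
}

// AES-GCM with a fresh 96-bit nonce per message; the nonce is not secret and is stored
// next to the ciphertext so the receiver can decrypt.
async function encrypt(rawKey, plaintext) {
  const key = await wc.subtle.importKey('raw', rawKey, { name: 'AES-GCM' }, false, ['encrypt']);
  const iv = wc.getRandomValues(new Uint8Array(12));
  const ct = await wc.subtle.encrypt({ name: 'AES-GCM', iv }, key, new TextEncoder().encode(plaintext));
  return { iv: toHex(iv), ct: toHex(new Uint8Array(ct)) };
}

// Same key loaded from both notations, same plaintext, two different nonces:
// the two ciphertexts differ.
async function demo() {
  const k = generateKey(256);
  const a = await encrypt(loadKey(k.hex, 'hex', 256), 'same message');
  const b = await encrypt(loadKey(k.b64, 'b64', 256), 'same message');
  return { a, b };
}

demo().then((r) => console.log(r.a, r.b));
```

The length check in `loadKey` is what catches a hex string handed to a Base64 decoder; the decoder alone accepts it because every hex digit is also a valid Base64 character.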
AES is the standard symmetric cipher protecting data nearly everywhere: disk and file encryption, HTTPS sessions, Wi-Fi (WPA2/3), VPN payloads, password managers, and encrypted backups. It is fast, well-vetted, and trusted for everything from personal files to government secrets.