ChaCha20 Encrypt/Decrypt - Free Online Tool | PivaBox

Encrypt and decrypt data using ChaCha20-Poly1305 — the modern AEAD cipher used in TLS 1.3 and WireGuard

How to Use ChaCha20 Encrypt/Decrypt

1. Enter or generate a 256-bit key (32 bytes) in hexadecimal format
2. Enter or generate a 96-bit nonce (12 bytes) in hexadecimal format. Optionally add Associated Data for AEAD
3. Choose Encrypt or Decrypt, enter your data, select the output format, and click the action button

Frequently Asked Questions

Is ChaCha20-Poly1305 secure?

Yes. ChaCha20-Poly1305 is a modern AEAD cipher designed by Daniel J. Bernstein. It is used in TLS 1.3, WireGuard VPN, and SSH. It provides both authenticated encryption and integrity verification.

Does my data leave my device?

No. All encryption and decryption operations happen entirely in your browser. No data is ever sent to any server. The key, nonce, and plaintext remain on your device at all times.

Why must the nonce never be reused with the same key?

Reusing a nonce with the same key breaks the security guarantees of ChaCha20-Poly1305. An attacker who observes two messages encrypted with the same key and nonce can recover the authentication key and forge messages. Always generate a fresh random nonce for each encryption.