XChaCha20-Poly1305 Encrypt & Decrypt
A ChaCha20-Poly1305 variant with a 24-byte nonce, safer for high volumes. This tool does both encrypt and decrypt on one page — pick a mode, paste your data, and click. Everything runs on your device, nothing is sent to a server.
The key is derived from this password via PBKDF2 (200k iterations). Must match to decrypt.
Everything runs in your browser. Your data is never sent to our servers.
Example
Example Input
Secret message
Example Output
z9Wv…(Base64 ciphertext)
How to Use
- 1Choose Encrypt or Decrypt mode at the top.
- 2Fill the Input field and, if required, complete the fields in "More settings" (key/password).
- 3Click the button (or press Ctrl+Enter) to process.
- 4Copy the result with the Copy button.
About XChaCha20-Poly1305
XChaCha20-Poly1305 extends the ChaCha20-Poly1305 nonce from 12 to 24 bytes. The much longer nonce makes random nonce selection safe even for very many messages, without worrying about collisions (reuse).
This makes it a favorite for application-side and storage encryption, where nonces are often random. This tool uses a password-derived key (PBKDF2) and a random 24-byte nonce.
Like ChaCha20-Poly1305, it is an AEAD — providing confidentiality and integrity together. Use it when encrypting many messages under the same key.
FAQ
Are my data or keys sent to a server?
No. XChaCha20-Poly1305 runs entirely in your browser using the Web Crypto API and client-side libraries. Your data, passwords, and keys never leave your device.