RSA Key Generator & Encryption Tool

Create secure RSA key pairs and encrypt messages with this free online tool. It's perfect for learning public-key cryptography or generating keys for secure communications. All processing happens locally in your browser.

Mode

Key Size

How RSA Encryption Works

RSA is an asymmetric encryption algorithm that uses a pair of keys: a public key for encryption and a private key for decryption. The security of RSA relies on the mathematical difficulty of factoring large prime numbers.

Key Generation: Two large prime numbers are multiplied to create a modulus. The public exponent (typically 65537) and private exponent are derived mathematically.

Encryption: Anyone can encrypt messages using your public key, but only you can decrypt them with your private key. Keep your private key secure!

How It Works

This RSA key generator creates public/private key pairs using the RSA algorithm. RSA is an asymmetric cryptosystem - one key encrypts, the other decrypts. The public key can be shared; the private key must remain secret.

The key generation process:

Generate prime numbers: Two large random prime numbers (p and q) are generated. For 2048-bit keys, each is ~1024 bits.
Calculate modulus: n = p × q. This becomes part of both public and private keys.
Compute totient: φ(n) = (p-1)(q-1). Used to generate the exponents.
Generate exponents: Public exponent e (commonly 65537) and private exponent d are calculated so that e×d ≡ 1 (mod φ(n)).

The public key is (n, e) and the private key is (n, d). Security relies on the difficulty of factoring n back into p and q - computationally infeasible for large keys.

When You'd Actually Use This

Setting Up SSH Key Authentication

Generate RSA keys for secure SSH login to servers without passwords.

Creating TLS/SSL Certificates

Generate keys for web server certificates, code signing, or document signing.

Learning Public-Key Cryptography

Understand asymmetric encryption by generating and experimenting with real key pairs.

Testing Encryption Implementations

Create test keys for developing or debugging RSA encryption/decryption code.

Secure File Exchange Setup

Generate keys for encrypting files that only specific recipients can decrypt.

API Authentication Configuration

Create key pairs for services that use RSA for API request signing or authentication.

What to Know Before Using

Key size determines security level

1024-bit is deprecated (breakable). 2048-bit is minimum for current security. 3072-4096 bit recommended for long-term security. Larger keys are slower.

Private keys must be kept secret

Anyone with your private key can decrypt messages and impersonate you. Store it securely, encrypted with a strong passphrase.

This tool runs in-browser but use caution

While keys are generated locally (not sent to servers), for production use, generate keys on secure, offline systems using trusted tools.

PEM format is widely compatible

PEM format (BEGIN RSA PRIVATE KEY markers) works with most tools. DER is binary. PKCS#12 (.p12) bundles keys with certificates.

RSA is being replaced by elliptic curves

For new applications, consider ECDSA or Ed25519. They provide equivalent security with smaller keys and faster operations.

Common Questions

What key size should I use?

2048-bit minimum for current security. 3072-bit or 4096-bit for long-term security or sensitive applications. 1024-bit is deprecated and should not be used.

Can I use the same RSA key for encryption and signing?

Technically yes, but it's not recommended. Best practice uses separate keys: one for encryption, one for signing. This limits damage if one key is compromised.

How do I share my public key?

Public keys are meant to be shared! Upload to key servers, add to your website, include in email signatures, or send directly. Just verify the fingerprint to prevent impersonation.

What's the difference between RSA and ECC keys?

ECC (Elliptic Curve Cryptography) provides equivalent security with much smaller keys. A 256-bit ECC key ≈ 3072-bit RSA. ECC is faster and more efficient, especially on mobile.

Can quantum computers break RSA?

Yes. Shor's algorithm can factor large numbers efficiently on a sufficiently powerful quantum computer. Post-quantum cryptography is being standardized to address this.

How do I protect my private key?

Encrypt it with a strong passphrase. Store it on encrypted storage. Never share it. Consider hardware security modules (HSM) or smart cards for high-security applications.

What does PEM format look like?

PEM is Base64-encoded text between markers: -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----. Easy to copy/paste and works with most tools.

Other Free Tools

Search tools