RSA Key Pair Generator

Generate RSA-OAEP 2048-bit or 4096-bit public/private key pairs in PEM format. Uses the Web Crypto API for secure key generation entirely in your browser. Your private key is never transmitted to any server.

100% Free | Zero Server Processing | Developer Tool
Private Keys Stay Private

Key generation runs entirely in your browser via Web Crypto API. Your private key NEVER leaves your device. We cannot see, store, or recover your keys. Treat your private key like a password — never share it.


Key Facts

  • Algorithm: RSA-OAEP (Optimal Asymmetric Encryption Padding) with SHA-256 hash and exponent 65537 (0x10001)
  • Asymmetric: Uses two mathematically linked keys. The public key encrypts; only the matching private key can decrypt
  • Output Format: PEM (Privacy-Enhanced Mail) — Base64-encoded with standard headers, compatible with OpenSSL, SSH, and web servers
  • 2048-bit: Current minimum standard. Considered secure through at least 2030 per NIST SP 800-57. Generates in under 1 second
  • 4096-bit: Higher security margin for long-term secrets and certificate authorities. Generates in 1-5 seconds depending on device
  • Privacy: Keys are generated in browser memory via Web Crypto API. Zero network requests during generation
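
The generation step listed above, written against the Web Crypto API as an added example (it is not this tool's own source). The function names are hypothetical, and PKCS#8 for the private key is an assumption; SPKI for the public key follows from the `-----BEGIN PUBLIC KEY-----` header this page cites.

```javascript
// Added example. Browsers expose crypto.subtle; the require() fallback is for older Node.js.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
const importAlg = { name: "RSA-OAEP", hash: "SHA-256" };

// Parameters from Key Facts: RSA-OAEP, SHA-256, public exponent 65537 (0x10001).
const genAlg = (bits) => ({
  ...importAlg,
  modulusLength: bits,
  publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
});

// Wrap DER bytes in PEM armor: Base64 in 64-character lines between BEGIN/END.
function toPem(der, label) {
  const b64 = btoa(String.fromCharCode(...new Uint8Array(der)));
  return `-----BEGIN ${label}-----\n${b64.match(/.{1,64}/g).join("\n")}\n-----END ${label}-----\n`;
}

// Strip the armor and whitespace, then decode back to DER for re-import.
function fromPem(pem) {
  const b64 = pem.replace(/-----[^-]+-----|\s+/g, "");
  return Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
}

// Generate an extractable pair (needed for export) and return both keys as PEM.
async function generatePemPair(bits = 2048) {
  if (bits !== 2048 && bits !== 4096) throw new RangeError("use 2048 or 4096");
  const pair = await subtle.generateKey(genAlg(bits), true, ["encrypt", "decrypt"]);
  return {
    publicPem: toPem(await subtle.exportKey("spki", pair.publicKey), "PUBLIC KEY"),
    privatePem: toPem(await subtle.exportKey("pkcs8", pair.privateKey), "PRIVATE KEY"),
  };
}

// Re-import both PEMs as non-extractable keys and round-trip a message.
async function verifyPemPair({ publicPem, privatePem }) {
  const pub = await subtle.importKey("spki", fromPem(publicPem), importAlg, false, ["encrypt"]);
  const priv = await subtle.importKey("pkcs8", fromPem(privatePem), importAlg, false, ["decrypt"]);
  const msg = new TextEncoder().encode("round-trip check");
  const ct = await subtle.encrypt({ name: "RSA-OAEP" }, pub, msg);
  const pt = await subtle.decrypt({ name: "RSA-OAEP" }, priv, ct);
  return { ok: new TextDecoder().decode(pt) === "round-trip check", ciphertextBytes: ct.byteLength };
}
```

Keys created this way carry only the encrypt/decrypt usages inside Web Crypto; the exported PEM itself is a generic RSA key.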

RSA vs AES: When to Use Each

  • RSA (Asymmetric): Two keys — public and private. Encrypt with public, decrypt with private. Slow for large data. Used for key exchange, digital signatures, SSL/TLS handshakes, and encrypting small payloads
  • AES (Symmetric): One shared key for both encryption and decryption. Fast for large data. Used for file encryption, disk encryption, VPNs, and database encryption. See our AES-256 Encryptor
  • Hybrid Approach (Real World): Most secure systems use both. RSA encrypts a random AES session key; AES encrypts the actual data. This is how HTTPS, PGP, and Signal work

Common RSA Key Use Cases

  • SSH Authentication: Use RSA keys for passwordless login to servers. Add public key to ~/.ssh/authorized_keys
  • SSL/TLS Certificates: RSA key pairs are the foundation of HTTPS certificates that secure web traffic
  • Digital Signatures: Sign documents, code, or commits with your private key. Others verify with your public key
  • PGP/GPG Email: Encrypt emails so only the intended recipient can read them
  • API Authentication: Sign API requests with RSA keys for secure machine-to-machine communication
  • JWT Signing: RS256 algorithm uses RSA keys to sign JSON Web Tokens. See our JWT Decoder

Frequently Asked Questions

What is an RSA key pair?

RSA is an asymmetric encryption algorithm that uses a mathematically linked pair of keys. The public key can encrypt data that only the corresponding private key can decrypt. Invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman, RSA remains one of the most widely used cryptographic systems for SSL/TLS, SSH, PGP, digital signatures, and secure key exchange.

Should I use 2048-bit or 4096-bit?

2048-bit is the current minimum standard and is considered secure through at least 2030 per NIST guidelines (SP 800-57). Choose 4096-bit for long-term secrets, certificate authorities, and high-security environments. Note that 4096-bit keys are approximately 2-4x slower for signing and decryption operations.

Is my private key safe when using this tool?

Yes. Key generation happens entirely in your browser using the Web Crypto API. Your private key is never transmitted to any server. However, once generated you are responsible for storing it securely. Anyone with your private key can decrypt your data and impersonate your identity.

What is PEM format?

PEM (Privacy-Enhanced Mail) is a Base64-encoded text format for cryptographic keys and certificates, wrapped in header and footer lines like -----BEGIN PUBLIC KEY-----. It is the most widely used key format, compatible with OpenSSL, Apache, Nginx, SSH, and most cryptographic libraries.

Are RSA keys vulnerable to quantum computers?

Theoretically, yes. Shor's algorithm running on a sufficiently powerful quantum computer could factor RSA keys. However, as of 2025, no quantum computer capable of breaking RSA-2048 exists. NIST is standardizing post-quantum algorithms (CRYSTALS-Kyber, CRYSTALS-Dilithium) as replacements. For current use, RSA-2048 and RSA-4096 remain secure.