RSA Key Generator & Encryption Tool
Free online RSA private key generator and encryption tool. Generate RSA 1024/2048/4096 keys, encrypt and decrypt messages with RSA-OAEP.
Frequently Asked Questions (FAQ)
What is RSA encryption?
RSA is an asymmetric cryptographic algorithm that uses two different keys: a public key to encrypt data and a private key to decrypt it. It is widely used for secure data transmission and digital signatures.
What is the difference between RSA-OAEP and RSA-PKCS1?
RSA-OAEP (Optimal Asymmetric Encryption Padding) is a newer, more secure padding scheme and is highly recommended for new applications. RSA-PKCS1 is an older standard that is kept mainly for compatibility with legacy systems.
Why do I get a 'Message too long' error when encrypting?
Asymmetric algorithms like RSA are not designed to encrypt large amounts of data directly. The maximum data size depends on the key length (e.g., a 2048-bit RSA key can only encrypt about 200 bytes of data). For large files or texts, use 'Hybrid Encryption': encrypt the data with a symmetric algorithm like AES, and then encrypt the AES key with RSA.
Are my generated private keys safe on this site?
Yes. All key generation, encryption, and decryption processes are performed locally in your browser using the Web Crypto API. No private keys or plaintext data are ever sent to our servers.
Algorithm Guide & Security Best Practices
Quick Reference
| Algorithm | Type | Best For | Security | Key Size |
|---|---|---|---|---|
| RSA-OAEP | Encryption | General use | ⭐⭐⭐⭐⭐ | 2048+ bits |
| RSA-PKCS1 | Encryption | Legacy systems | ⭐⭐⭐⭐ | 2048+ bits |
| RSA-PSS | Signature | Digital signatures | ⭐⭐⭐⭐⭐ | 2048+ bits |
| ECDH | Key Exchange | Performance | ⭐⭐⭐⭐⭐ | 256+ bits |
| ECDSA | Signature | Fast signatures | ⭐⭐⭐⭐⭐ | 256+ bits |
| SM2 | Encryption | China compliance | ⭐⭐⭐⭐⭐ | 256 bits |
Algorithm Selection Guide
For Encryption (Protect Data)
- RSA-OAEP + SHA-256: Best compatibility, recommended for most cases
- ECDH + AES-GCM: Best performance, ideal for large data
For Digital Signatures
- ECDSA + P-256: Fast and efficient
- RSA-PSS + SHA-256: Maximum compatibility
For Chinese Compliance
- SM2: Required for government and financial systems in China
Key Size Comparison
| RSA Bits | ECC Bits | Security Level |
|---|---|---|
| 1024 | - | ⚠️ Not recommended |
| 2048 | 256 | ✅ Recommended |
| 3072 | 384 | ✅ Strong |
| 4096 | 521 | ✅ Maximum |
Common Use Cases
1. Secure Communication
Send encrypted messages without sharing a secret key upfront. The sender encrypts with the recipient's public key, only the recipient can decrypt with their private key.
2. Digital Signatures
Prove message authenticity and integrity. The signer uses their private key, anyone can verify with the public key.
3. Key Exchange
Securely exchange symmetric keys (like AES keys) between parties using ECDH.
Security Best Practices
- Never use raw RSA - Always use padding (OAEP for encryption)
- Use 2048+ bit RSA keys - 1024-bit is considered insecure
- Prefer ECC over RSA - Better performance with equivalent security
- Use approved curves - P-256, P-384, P-521 are NIST approved
- Use SHA-256 or stronger - Avoid SHA-1 for new implementations
- Protect private keys - Use HSM for production systems
Troubleshooting
| Error | Cause | Solution |
|---|---|---|
| Key import failed | Invalid format | Use PEM or JWK format |
| Encryption failed | Key size too small | Use 2048+ bit keys |
| Decryption failed | Wrong key pair | Ensure matching public/private keys |
| Data too long | Message exceeds key capacity | Use hybrid encryption (RSA + AES) |