RSA Key Pair Generator

RSA (Rivest-Shamir-Adleman) is one of the most widely used public-key cryptographic algorithms. It uses a pair of mathematically related keys: a public key for encryption and a private key for decryption. The security of RSA relies on the computational difficulty of factoring the product of two large prime numbers.

Key pairs are essential for many security protocols: TLS/SSL certificates, SSH authentication, digital signatures, JWT signing, and encrypted communication. The public key can be freely shared, while the private key must be kept secret. Data encrypted with the public key can only be decrypted with the corresponding private key, and vice versa.

This tool generates RSA keys using the Web Crypto API built into modern browsers. The keys are exported in PEM format — the standard Base64-encoded representation with BEGIN/END markers. The public key uses SPKI (Subject Public Key Info) format, and the private key uses PKCS#8 format, both compatible with OpenSSL and most cryptographic libraries.

A 2048-bit key provides strong security and is the minimum recommended for most applications today. A 4096-bit key offers additional security margin at the cost of slower operations (key generation, encryption, decryption). For most use cases, 2048 bits is sufficient. Choose 4096 bits if you need long-term security or compliance with strict security requirements.

Important: The keys are generated entirely in your browser using the Web Crypto API. The private key never leaves your device — it is not transmitted to any server. However, for production use, consider generating keys in a controlled environment and storing private keys securely (e.g., hardware security modules or encrypted key stores).