RSA Key Generator

Generate RSA public/private key pairs in your browser — 2048, 3072, or 4096-bit keys in PEM format.

About RSA Key Generation

RSA (Rivest–Shamir–Adleman) is an asymmetric encryption algorithm that uses a key pair: a public key for encryption and verification, and a private key for decryption and signing. RSA key pairs are the foundation of SSH authentication, TLS certificates (HTTPS), PGP email encryption, JWT RS256 signing, and code signing.

This tool generates RSA keys directly in your browser using the Web Crypto API — keys are never transmitted. 2048-bit keys are the current minimum standard. 4096-bit keys provide additional security at the cost of slower operations — recommended for long-lived keys and highly sensitive applications. Generated keys are exported in PEM format (PKCS#8 for private, SPKI for public), which is compatible with OpenSSL, Node.js, Python (cryptography library), and most other tools.

FAQ

What key size should I use?
2048-bit is the current NIST minimum recommendation, suitable for most applications through 2030. 3072-bit provides security through 2040+. 4096-bit is future-proof but noticeably slower for operations. For SSH keys specifically, Ed25519 is now preferred over RSA.
How do I protect the private key?
Private keys should be encrypted with a passphrase before storage. Never commit private keys to version control. In production, use hardware security modules (HSMs) or key management services (AWS KMS, HashiCorp Vault). Copy the private key immediately and securely — this tool does not store it.

Related Tools

AES EncryptSecurity ToolsHMAC GeneratorSecurity ToolsJWT GeneratorSecurity ToolsSSL Certificate CheckerSecurity ToolsToken GeneratorSecurity Tools