RSA Key Generator

RSA (Rivest-Shamir-Adleman) is an asymmetric encryption algorithm that uses two mathematically linked keys: a public key for encrypting data and a private key for decrypting it. The security relies on the difficulty of factoring large prime numbers — a 2048-bit RSA key represents a number with 617 digits, and factoring it with current technology would take millions of years. Key sizes directly affect security: 1024-bit keys are considered insecure (theoretically factorable with significant resources), 2048-bit keys are the current standard for most applications, and 4096-bit keys provide extra margin for high-security or long-term needs. The trade-off is performance — 4096-bit operations are about 4-8x slower than 2048-bit. This generator creates RSA key pairs entirely in your browser using the Web Crypto API, the same cryptographic engine used by banks and governments. The private key is formatted in PEM (Privacy Enhanced Mail) format, which is the standard for OpenSSL, SSH, and most server configurations. Your keys never leave your device — critical because possessing someone's private key means being able to decrypt all their communications.

RSA keys serve three primary purposes: encryption, digital signatures, and key exchange. For encryption, you share your public key openly — anyone can use it to encrypt a message that only your private key can decrypt. For digital signatures, the process reverses: you sign with your private key, and anyone with your public key can verify the signature is authentic. TLS/SSL certificates (the padlock in your browser) use RSA keys to establish secure HTTPS connections. SSH (Secure Shell) uses RSA keys for passwordless server authentication — you place your public key on the server and authenticate with your private key. GPG/PGP email encryption uses RSA for securing email communications. JWT (JSON Web Tokens) can be signed with RSA for API authentication. When generating keys for production use, protect your private key with a strong passphrase and never share it. Store it in a secure location: a hardware security module (HSM) for enterprise use, or an encrypted file with restricted permissions for personal use. The public key can be freely distributed — posting it on your website or keyserver is standard practice.