Generate RSA-2048 or RSA-4096 key pairs in-browser using the Web Crypto API. Keys are exported in standard PEM format, ready for use with OpenSSL, SSH, and any language's crypto library.
Uses RSA-OAEP with SHA-256 — the modern, secure RSA encryption scheme. OAEP adds random padding before encryption, making each ciphertext unique even for the same plaintext and key.
Paste any PEM-encoded RSA public or private key (PKCS#8 / SubjectPublicKeyInfo format) to encrypt or decrypt with existing keys. Compatible with keys generated by OpenSSL, Node.js, Python, and Java.
Keys, plaintext, and ciphertext never leave your browser. No server communication occurs during key generation, encryption, or decryption. Safe for testing with real keys.
RSA is an asymmetric encryption algorithm that uses a public/private key pair. Data encrypted with the public key can only be decrypted with the corresponding private key. RSA is widely used for secure key exchange, digital signatures, and encrypting small amounts of sensitive data like symmetric keys.
RSA-OAEP (Optimal Asymmetric Encryption Padding) is a padding scheme that adds random padding before encryption, making it semantically secure. OAEP is the modern standard and is recommended over the older PKCS#1 v1.5 padding, which is vulnerable to certain attacks.
RSA-2048 uses a 2048-bit key and is currently considered secure for most applications. RSA-4096 uses a 4096-bit key and provides higher security at the cost of longer key generation and slower operations. RSA-4096 is recommended for long-term data protection.
With RSA-OAEP-SHA256, the maximum plaintext size is the key size in bytes minus 66. For RSA-2048 that is 190 bytes; for RSA-4096 it is 446 bytes. For larger data, use hybrid encryption: encrypt the data with AES and encrypt only the AES key with RSA.