**Any private or public key value that you enter, or we generate
is
not stored on this site, this tool is provided via an HTTPS URL to ensure that
private
keys cannot be stolen.**

This tool provides flexibility for RSA encrypt with a public key as well as private
key and vice versa.

### If you
appreciate this tool, then you can consider donating.

We are thankful for your never ending support.
For Java implementation of RSA, you can follow this
article.

By default, the private key is generated in PKCS#8 format and the public key is generated in X.509 format.

## Key Features of RSA

**Asymmetric Key Algorithm**: Uses a pair of keys (public and
private).
**Security Basis**: Security is based on the difficulty of
factoring large integers composed of two or more large prime numbers.
**Variable Key Lengths**: Common key lengths are 1024, 2048, and
4096 bits.
**Use Cases**: Widely used in secure communications, digital
signatures, and key exchanges.

## Key Concepts

**Key Generation:**
**Public Key:** Comprises two components: a modulus nn and
an exponent ee. The modulus nn is the product of two large prime numbers
pp and qq, and ee is typically a small, fixed value such as 65537 (often
chosen for efficiency reasons).
**Private Key:** Also consists of two components: the same
modulus nn and an exponent d. The exponent dd is computed such that
d⋅e≡1 mod ϕ(n)d⋅e≡1 modϕ(n), where ϕϕ is Euler's quotient function
ϕ(n)=(p−1)(q−1).

## Security Considerations:

**Key Size:**RSA security depends on the size of the modulus nn. As
computing power increases, larger key sizes are required to maintain security.
**Padding:**Proper padding schemes (e.g., OAEP, PKCS#1 v1.5) are
crucial to prevent certain cryptographic attacks and ensure secure encryption.
**Key Management:**Private keys must be securely stored.

## RSA Encryption through OpenSSL

Open a command line shell with openSSL
and execute below commands to generate RSA key pair.

### Generate Private Key

You can generate a public and private RSA key pair by running the below
command.
It
generates a 2048-bit private key and output it to the **private.pem**
file.

$ openssl genrsa -out private.pem 2048

### Export Public Key

Given a private key, you can export its public key and output it to
**public.pem**
using below command.

$ openssl rsa -in private.pem -pubout -out public.pem

Next open the public.pem and ensure that it starts with -----BEGIN PUBLIC
KEY-----.
This is how we know that this file is the public key of the pair.

### Encrypt Data

We can now use this key pair to encrypt and decrypt a file, **data.txt**.

$ openssl rsautl -encrypt -inkey public.pem -pubin -in data.txt -out data.txt.enc

#### Decrypt Data

Below command can be use to decrypt RSA encrypted file. Let's use the file
that
is
encrypted above.

$ openssl rsautl -decrypt -inkey private.pem -in data.txt.enc -out data.txt

## Usage Guide

Below is the usage guide of this tool.

### RSA Public and Private Keys

In the first section of this tool, you can generate public and private keys.
The
private key is used to generate digital signatures, and the public key is
used
to
verify
the digital signatures.

To generate the keys, select the RSA key size between 515, 1024, 2048 and
4096
bit
and then click on the button to generate the keys for you.

Since 2015, NIST has recommended a minimum of 2048-bit keys for RSA. A
4096-bit
key
size does provide a reasonable increase in strength over a 2048-bit key size
but
the
encryption strength doesn't drop off after 2048 bits. There's a significant
increase
in
CPU usage as a result of a 4096 bit key size. Hence, it is recommended to
use
2048-bit
keys.

### RSA Encryption

For encryption and decryption, enter the plain text and supply the key. As
the
encryption can be done using both the keys, you need to tell the tool about
the
key
type
that you have supplied with the help of a radio button. By default, public
key
is
selected. Then, you can use the cipher type to be used for the encryption.
RSA,
RSA/ECB/PKCS1Padding and
RSA/ECB/OAEPWithSHA-1AndMGF1Padding. Now, once you
click
the
encrypted button, the encrypted result will be shown in the textarea just
below
the
button.

### RSA Decryption

Similarly, for decryption, the process is the same. Here, you need to enter
the
RSA
encrypted text and the result will be a plain-text. You have both the
options to
decrypt
the encryption with either public or private keys.

## Applications of RSA

**Secure Data Transmission**: Used in SSL/TLS for secure
web
browsing.
**Digital Signatures**: Ensures the authenticity and
integrity
of a
message.
**Key Exchange**: Used to securely exchange symmetric keys
for
encryption algorithms like AES.

RSA is fundamental to modern cryptography and is used in a variety of
security
protocols and applications. Its strength lies in the computational
difficulty of
factoring large composite numbers.