RSA Key Pair Generator
Generate an RSA public/private key pair in PEM format — locally, via the Web Crypto API.
Keep the private key secret — anyone with it can decrypt or sign on your behalf. Larger keys generate more slowly.
The RSA Key Pair Generator creates a fresh public/private key pair in standard PEM format, entirely in your browser using the Web Crypto API. Choose the key size and whether the pair is for signing or encryption, then copy or download the SPKI public key and PKCS#8 private key. Because generation is local, the private key never touches a network or a server.
- ✓2048, 3072, or 4096-bit keys
- ✓Signing (RSASSA-PKCS1-v1_5) or encryption (RSA-OAEP)
- ✓Standard PEM: SPKI public key, PKCS#8 private key
- ✓100% private — keys are generated on your device
Public vs Private Key
An RSA key pair has two halves. The public key can be shared freely — others use it to encrypt data to you or to verify your signatures. The private keymust stay secret — it's what decrypts data and creates signatures. Anyone who obtains your private key can impersonate you, so never paste it into an untrusted site or commit it to a repository. These keys are generated locally and shown only to you.
Choosing a Key Size
Key size is a trade-off between security margin and speed — a larger modulus is harder to factor but slower to generate and slower for every subsequent sign/verify or encrypt/decrypt operation. NIST and most modern guidance treat 2048-bit as the practical floor for RSA in 2026; anything smaller (1024-bit) is considered broken and this tool doesn't offer it.
| Size | Security margin | Speed | Recommended for |
|---|---|---|---|
| 2048-bit | ~112-bit security, current minimum | Fastest | Most application keys, JWT signing, short-lived certs |
| 3072-bit | ~128-bit security | Moderate | Longer-lived keys, stricter compliance requirements |
| 4096-bit | ~150-bit security (diminishing returns) | Slowest | High-assurance or long-horizon keys where speed doesn't matter |
Understanding the PEM Output
PEM (Privacy-Enhanced Mail) is the standard Base64 text envelope almost every crypto library and command-line tool expects. The two blocks this generator produces are the two halves of the pair, each wrapped in its own envelope:
- ▸SPKI — the public key — SubjectPublicKeyInfo, wrapped as "-----BEGIN PUBLIC KEY-----". Safe to share, publish, or embed in a client. This is what verifiers use to check a signature or encrypt data to you.
- ▸PKCS#8 — the private key — Wrapped as "-----BEGIN PRIVATE KEY-----". This is the secret half — treat it exactly like a password. It's what signs data or decrypts anything encrypted to the matching public key.
Both formats are DER-encoded ASN.1 structures, Base64-wrapped at 64 characters per line — the same shape OpenSSL produces with openssl genrsa and openssl rsa -pubout, so the output here drops straight into any tool or library that expects standard PEM.
Using the Key Pair
- 1Choose a key size (2048-bit is a safe default) and whether you need a signing pair or an encryption pair.
- 2Click Generate — the pair appears immediately, generated locally via the Web Crypto API.
- 3Download or copy the private key and store it somewhere secure — a secrets manager, an encrypted vault, or a local file with restricted permissions. Never commit it to a repository.
- 4Distribute the public key to whoever needs to verify your signatures or encrypt data to you — it's safe to publish.
- 5For signing use cases like JWTs, pass the private key to your signing library (jsonwebtoken, PyJWT, etc.) configured for RS256, and share the public key with whatever verifies the token.
Common Uses
- ▸JWT signing (RS256) — Use the private key to sign JWTs and distribute the public key so services can verify them. See the JWT tools.
- ▸Encrypting data — Choose RSA-OAEP to let others encrypt small payloads to your public key that only your private key can decrypt.
- ▸TLS & certificates — Generate a key pair as the starting point for a certificate signing request in development.
- ▸SSH and API authentication — Many services accept an RSA public key for key-based authentication instead of a password.
- ▸Learning public-key crypto — Produce a real key pair to experiment with signing, verification, and encryption.
RSA vs Other Key Types
RSA isn't the only public-key algorithm in common use — elliptic-curve algorithms like Ed25519 and ECDSA (P-256) produce much smaller keys and signatures at equivalent security levels, and are faster to generate. RSA remains dominant because of its universal compatibility: virtually every language, library, and legacy system understands RSA/PEM, whereas Ed25519 support, while growing fast, is still occasionally missing from older tooling. If you control both ends of a system and don't need legacy compatibility, Ed25519 is usually the better modern default; if you need to interoperate broadly (JWT libraries, TLS, enterprise systems), RSA is still the safer choice.