Security Tools/RSA Encrypt/Decrypt
RSA Encrypt/Decrypt
Public key encryption and decryption with RSA-OAEP
RSA Key Pair
Input
Output
Result will appear here...RSA Encryption Guide
Learn about asymmetric encryption with RSA public-key cryptography
What is RSA?
RSA is an asymmetric encryption algorithm that uses a pair of keys: a public key for encryption and a private key for decryption. It's widely used for secure data transmission, digital signatures, and key exchange. RSA-OAEP (Optimal Asymmetric Encryption Padding) adds security against chosen-ciphertext attacks.
How to Use
- Click 'Generate Keys' to create a new RSA key pair
- Share your public key with others who need to send you encrypted messages
- Use the public key to encrypt messages
- Use your private key to decrypt messages encrypted with your public key
Security Best Practices
- Never share your private key with anyone
- Use RSA for encrypting small data or symmetric keys, not large files
- Store private keys securely, consider using a password manager
Security Note
Key generation and encryption happen entirely in your browser using the Web Crypto API. Private keys should be stored securely and never transmitted. For production use, consider using established cryptographic libraries.
Frequently Asked Questions
What's the difference between RSA and AES encryption?
RSA is asymmetric (two keys: public and private), while AES is symmetric (one key). RSA is slower but allows secure key exchange - you can share your public key openly. AES is faster for bulk data encryption. In practice, RSA often encrypts an AES key, which then encrypts the actual data (hybrid encryption).
Why is there a limit on data size with RSA?
RSA encryption is mathematically limited by key size. With 2048-bit RSA-OAEP, you can encrypt up to 214 bytes (~190 characters). This is why RSA is typically used to encrypt symmetric keys (32 bytes for AES-256), not large data directly. Use AES for bulk encryption.
Is my private key safe if I generate it in the browser?
Yes, when using the Web Crypto API. Keys are generated using your device's cryptographically secure random number generator and never leave your browser. However, save the private key securely immediately - if you lose it, encrypted data cannot be recovered.
What key size should I use for RSA?
2048-bit is the minimum recommended today. 4096-bit provides more security margin for sensitive data but is slower. This tool uses 2048-bit RSA-OAEP which is secure for most purposes. Key sizes below 2048-bit are considered breakable with sufficient resources.
Can someone with my public key decrypt messages I've encrypted?
No. Public keys can only encrypt, not decrypt. Only the corresponding private key can decrypt messages encrypted with the public key. This one-way relationship is fundamental to public-key cryptography and enables secure communication without sharing secret keys.