S
Simple Toolz

RSA Key Generator: Public and Private Key Cryptography Explained

Learn how RSA keys work, the basics of public/private key cryptography, key sizes, and how to generate RSA key pairs securely in your browser.

February 12, 2026

What Are RSA Keys?

RSA (Rivest-Shamir-Adleman) is one of the first and most widely used public-key cryptosystems. Named after its three inventors who published it in 1977, RSA enables secure data transmission, digital signatures, and key exchange. At its core, RSA relies on the mathematical difficulty of factoring the product of two large prime numbers.

An RSA key pair consists of two mathematically related keys: a public key that can be freely shared, and a private key that must be kept secret. Data encrypted with the public key can only be decrypted with the corresponding private key, and vice versa. This asymmetric property is what makes RSA so powerful and versatile.

Public and Private Key Cryptography Basics

Public-key cryptography, also known as asymmetric cryptography, solves a fundamental problem that symmetric encryption cannot: how do two parties establish a shared secret over an insecure channel? With symmetric encryption, both parties need the same key, but safely exchanging that key is itself a challenge.

How Asymmetric Encryption Works

In asymmetric encryption, each party generates a key pair. The public key is published openly, while the private key is kept secure. When Alice wants to send a confidential message to Bob, she encrypts it with Bob's public key. Only Bob's private key can decrypt the message. Even if an attacker intercepts the encrypted message and knows Bob's public key, they cannot decrypt it without the private key.

Digital Signatures

RSA also enables digital signatures, which work in reverse. When Bob wants to prove that a message came from him, he signs it with his private key. Anyone can verify the signature using Bob's public key, confirming both the authenticity and integrity of the message. If even a single bit of the message is altered, the signature verification fails.

Common Use Cases for RSA Keys

SSH Authentication

SSH (Secure Shell) is the standard protocol for secure remote server access. RSA key pairs are commonly used for SSH authentication as a more secure alternative to password-based login. You place your public key on the server, and your private key stays on your local machine. When you connect, the server uses your public key to create a challenge that only your private key can answer.

SSL/TLS Certificates

RSA is widely used in SSL/TLS, the protocol that secures HTTPS connections. When you visit a website with HTTPS, an RSA key pair is often involved in the certificate that proves the server's identity. The server's certificate contains its public key, which your browser uses during the TLS handshake to establish a secure, encrypted connection.

Digital Signatures and Code Signing

Software developers use RSA keys to sign their code, packages, and updates. This allows users and systems to verify that the software genuinely comes from the claimed publisher and has not been tampered with. Package managers like npm, apt, and homebrew rely on digital signatures to ensure package integrity.

Email Encryption (PGP/GPG)

PGP (Pretty Good Privacy) and its open-source implementation GPG use RSA keys for email encryption and signing. By exchanging public keys, two parties can send encrypted emails that only the intended recipient can read.

RSA Key Sizes: 2048 vs. 4096 Bit

The security of RSA depends directly on the key size. Larger keys are harder to factor but require more computational resources:

2048-Bit Keys

A 2048-bit RSA key is the current minimum recommended size for most applications. It provides sufficient security against current computational capabilities and is expected to remain secure through at least 2030. Most certificate authorities require a minimum of 2048-bit keys for SSL/TLS certificates. Key generation and cryptographic operations are relatively fast with 2048-bit keys.

4096-Bit Keys

A 4096-bit RSA key provides a significantly higher security margin. It is recommended for long-term key storage, high-security environments, and situations where the key needs to remain secure for many years. The trade-off is that key generation takes longer and cryptographic operations are slower. However, for most use cases, this performance difference is negligible.

Which Size Should You Choose?

For most applications, 2048-bit keys are sufficient. Choose 4096-bit keys when you need maximum security or when the keys will be used for extended periods. Avoid keys smaller than 2048 bits, as 1024-bit RSA keys are considered insecure and can be factored with modern resources.

How to Generate RSA Key Pairs with Simple-Toolz

Our RSA key generator creates cryptographically secure key pairs directly in your browser:

  • Navigate to the RSA key generator tool on Simple-Toolz.
  • Select your desired key size (2048 or 4096 bits).
  • Click generate to create a new RSA key pair.
  • Copy the public key and private key separately.
  • Store the private key securely and never share it.

Security Note: Client-Side Generation

A fundamental advantage of our tool is that RSA key generation happens entirely in your browser using the Web Crypto API. Your private key is never transmitted to any server, never stored anywhere outside your browser, and never seen by anyone but you. This is the safest way to generate RSA keys using an online tool, as it eliminates the risk of key interception during transmission.

Always remember: your private key is your most sensitive cryptographic asset. Store it securely, protect it with a passphrase when possible, and never share it with anyone.