Secure RSA Toolkit
Generate keys, encrypt, and decrypt messages directly in your browser. Open source and privacy-focused.
What is RSA & How It Compares
Asymmetric Encryption (RSA)
RSA is the gold standard for Asymmetric encryption, defined by authorities like NIST (FIPS 186) and IETF (RFC 8017).
It uses two keys: a Public Key to lock data and a Private Key to unlock it. This solves the "Key Exchange Problem," allowing secure communication without pre-sharing secrets.
Vs. Symmetric Encryption (AES)
Symmetric encryption (like AES) uses a single key for both locking and unlocking. It is immensely fast but requires safe key transfer.
The Standard Practice: Modern systems use RSA to securely exchange the random Secret Key for symmetric encryption (Hybrid Encryption), combining RSA's trust with AES's speed.
Key Size Security Analysis
| Key Size | Cracking Difficulty (Cost/Time) | Vulnerabilities | Use Case |
|---|---|---|---|
| 1024-bit | Feasible. Cracked by large organizations. Est. Cost: ~$10M hardware ~1 year. | Considered Broken. Vulnerable to pre-computation attacks like Logjam. Sufficient for non-critical legacy testing only. | Legacy systems, short-term testing. |
| 2048-bit | Infeasible (Current Tech). Billions of years with classical computers. Requires ~14 million qubits (Quantum). | Standard Secure. No known classical weaknesses. Vulnerable to future robust Quantum Computers (Shor's Algorithm). | Web (HTTPS), Certificates, Email. |
| 4096-bit | Extreme. Exponentially harder than 2048. Negligible risk for decades. | Overkill for most. Primary "vulnerability" is performance cost (CPU/Battery drain). Same Quantum risk as 2048, just delays it. | Top-secret docs, Root certificates. |
How It Works
Generate Keys
Create a mathematically linked pair of keys. Share the Public Key, keep the Private Key safe.
Encrypt Data
Senders use your Public Key to lock the message. Once locked, even they can't unlock it.
Decrypt Data
You use your secret Private Key to unlock the message and read the original text.
Trusted Standards & Organizations
Modern cryptography relies on open standards and trustworthy organizations. We follow the "Golden Trio" of authority.
The "Rule Maker" of modern crypto. Publisher of FIPS 186 (RSA Standard). When NIST recommends a standard, the industry follows.
Creators of the Internet's operating manuals (RFCs). They maintain RFC 8017 (PKCS #1), the definitive technical specification for RSA.
The engine powering the secure web (HTTPS). Our keys are generated to be fully compatible with OpenSSL and the wider PKI ecosystem.
RSA Detailed Tutorial
A deeper dive into the mechanics of the RSA cryptosystem.
1. Key Generation Content
A pair of keys is generated:
Public Key: Can be shared openly. Used to encrypt messages.
Private Key: Must be kept SECRET. Used to decrypt messages.
2. Encryption Process
Sender uses the Recipient's Public Key to encrypt the message. Once encrypted, the message looks like random garbled text and cannot be understood without the private key.
3. Decryption Process
Recipient uses their Private Key to decrypt the message back to readable text. Mathematically, only the private key can reverse the operation done by the public key.
Note on Security
Never share your Private Key. This tool runs 100% in your browser. However, for high-value secrets, always use established native tools or hardware security modules.
Frequently Asked Questions
Is my data sent to a server?
No. All encryption and decryption operations happen entirely within your browser using JavaScript. No keys or data are ever transmitted.
Can I use this for production secrets?
While the math is standard RSA, web browsers can be vulnerable to extensions or compromised environments. For critical high-security keys, use offline tools.
What key size should I use?
2048-bit is the current standard for security. 1024-bit is faster but less secure. 4096-bit is very secure but much slower to generate and use.
Why is key generation slow?
Generating large primes for RSA requires significant computational power. Since this runs in JavaScript in your browser, it may take a few seconds (or more for 4096-bit).
Who Should Use RSA Online?
Developers
Quickly generate keys for testing environments or debugging crypto implementations without setting up local tools.
Students
Learn about public-key cryptography interactively. Understand how keys, encryption, and decryption work.
Privacy Advocates
Encrypt short messages meant for public channels where you only want a specific recipient to read them.
System Admins
Generate temporary keys for one-off SSH access or configuration files (always use 2048+ bits).
Contact Us
Have questions, found a bug, or need support? Reach out to us.
support@rsaonline.app