AES Encryption Explained: How It Works and Why It Matters
Jun 23, 2026
Generate RSA public and private key pairs with configurable bit length.
RSA (Rivest–Shamir–Adleman) is an asymmetric encryption algorithm invented in 1977. It uses a public key for encryption and a private key for decryption. The security of RSA relies on the practical difficulty of factoring the product of two large prime numbers.
Keys are output in the standard PEM (Privacy-Enhanced Mail) format:
-----BEGIN PUBLIC KEY----- (SPKI format)-----BEGIN PRIVATE KEY----- (PKCS8 format)| Key Size | Security Level | Generation Time | Recommendation |
|---|---|---|---|
| 1024 | Low | < 1 second | Deprecated — not recommended |
| 2048 | Good | 1–5 seconds | Recommended — NIST minimum |
| 4096 | High | 5–30 seconds | High security — slower operations |
Yes. Key generation uses the Web Crypto API, which is backed by the operating system's cryptographic implementation. Keys are generated locally in your browser and never sent to any server. However, for high-security production environments, consider using dedicated tools like openssl or hardware security modules (HSMs).
SPKI (SubjectPublicKeyInfo) is the standard format for public keys, defined in RFC 5280/X.509. PKCS8 is the standard format for private keys, defined in RFC 5208. Both use PEM encoding with Base64 content and header/footer markers.
Yes. The PEM output is compatible with OpenSSL, PHP, Python, Node.js, and most cryptographic libraries. You can save the private key to a file and use it with commands like openssl rsa -in private.pem -pubout.
RSA key generation requires finding two large prime numbers. The browser's Web Crypto API performs this search using probabilistic primality tests. Larger keys require more iterations of the Miller–Rabin test for the same confidence level, and the prime candidates are larger, making the search slower. A 4096-bit key can take 10–30 seconds in the browser.
Blog
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026