What key size should I use for RSA encryption?

2048-bit RSA keys are the current minimum recommended size and suitable for most uses. 4096-bit keys provide additional security margin but are significantly slower. For new applications requiring long-term security, 4096-bit is preferred.

What is the difference between RSA-OAEP and PKCS#1 v1.5?

RSA-OAEP (Optimal Asymmetric Encryption Padding) is the modern secure standard and is recommended for all new applications. PKCS#1 v1.5 is an older padding scheme with known vulnerabilities (Bleichenbacher attack) and should only be used for legacy compatibility.

Are RSA keys generated on the server?

No. All RSA key generation and encryption/decryption runs entirely in your browser using the Web Crypto API. Your keys and data are never sent to any server.

← Back to all tools

RSA Encryption / Decryption

Asymmetric encryption with public/private key pairs. Generate keys and encrypt/decrypt data client-side.

ℹ

RSA is not suitable for large data — it is limited by key size. For large payloads, use AES to encrypt the data and RSA to encrypt the AES key (hybrid encryption).

⚙

Key Pair Generation

RSA

Key Size

Hash Algorithm

Padding Mode

🗝️

Key Pair

Public Key (PEM)

Private Key (PEM)

⚠

Keep your private key secret. Never share it or paste it into untrusted tools.

📝

Encrypt / Decrypt

Plaintext / Ciphertext *

Output

Encrypted / decrypted result will appear here…

❓

Frequently Asked Questions

What key size should I use?

2048-bit is the minimum recommended key size for RSA. Use 4096-bit for high-security scenarios where long-term data protection is required. Larger keys are more secure but slower to generate and use.

Is RSA safe for large files?

RSA is designed for small data — typically only used to encrypt a symmetric key. For bulk data encryption, use AES. A common hybrid approach is to encrypt your data with AES, then encrypt the AES key with RSA.

Are my keys saved anywhere?

No. Keys are generated entirely in your browser and are never stored or transmitted. You must save your private key manually — losing it means losing access to anything encrypted with the corresponding public key.

What is the difference between a public key and a private key?

The public key can be shared with anyone and is used to encrypt data. Only the matching private key can decrypt what was encrypted with the public key. This asymmetric design means you can receive encrypted messages from anyone without ever sharing a secret.

Why can't RSA encrypt large files?

RSA can only encrypt data smaller than its key size (e.g. ~245 bytes for a 2048-bit key with OAEP). For large data, use a hybrid approach: encrypt the data with AES, then use RSA to encrypt only the AES key. This is how TLS/HTTPS works.

What padding scheme should I use with RSA?

Use RSA-OAEP for all new applications — it is the modern secure standard. Avoid PKCS#1 v1.5 padding which is vulnerable to padding oracle attacks (Bleichenbacher attack). Most browsers support RSA-OAEP natively via the Web Crypto API.