RSA Encryption & Decryption

RSA encrypt / decrypt / sign / verify in-browser — 2048/4096-bit, OAEP, SHA256withRSA, no data stored.
2048 / 4096-bit OAEP SHA-256 Sign & Verify Instant Keygen Python Compiler No Data Stored
📏 RSA Key Size (2048-bit active)
🔒 Operation
0 / 245 bytes
🔑 RSA Keys (PEM)
📋

Result

How RSA Works
Sender
"Hello"
Encrypt
Public Key
a3f9...x7b2
Decrypt
Private Key
"Hello"
Receiver
Enter a message and click Encrypt, Decrypt, Sign, or Verify to try it.

Python Compiler

How RSA Encryption Works

RSA Key Generation

RSA keys are generated by selecting two large primes (p, q) and computing their product n = p × q. The public key is (n, e) where e is typically 65537. The private key contains the private exponent d derived via the extended Euclidean algorithm. This tool generates key pairs instantly via AJAX — no page reload required.

  • 512-bit: Insecure — testing and education only
  • 1024-bit: Deprecated by NIST — avoid for production
  • 2048-bit: Recommended minimum (NIST standard until 2030)
  • 4096-bit: High security for CAs and long-lived keys

Padding Schemes Explained

  • PKCS1 v1.5: Legacy scheme. Vulnerable to Bleichenbacher padding oracle attacks (CVE-1998-XXXX). Use only for backwards compatibility.
  • OAEP SHA-1: Improved security over PKCS1, but SHA-1 is deprecated since 2011.
  • OAEP SHA-256: Modern recommended padding. Provable CCA2 security. Use RSA/ECB/OAEPWithSHA-256AndMGF1Padding for all new applications.
Message Size Limits: RSA encrypts at most (keyBits/8 − paddingOverhead) bytes. 2048-bit OAEP SHA-256 = 190 bytes max. For larger data, use hybrid encryption: encrypt data with AES-256-GCM, encrypt the AES key with RSA.

Authorship & Expertise

  • Author: Anish Nath
  • Background: Security engineer specializing in cryptographic implementations
  • Library: Java Cryptography Architecture (JCA) — standard RSA provider
  • Active since: 2017 — continuously updated

Trust & Privacy

  • Zero Data Retention: Keys and messages exist in-memory during your session only
  • HTTPS Only: All connections encrypted with TLS 1.2+
  • Open Standards: Standard JCA/JCE RSA, no proprietary algorithms
  • No Signup Required: Free, instant access for testing, learning, and development

Frequently Asked Questions

Select a key size (2048-bit recommended), choose Encrypt mode, type your message, select a cipher like OAEP SHA-256, and click Encrypt. The tool generates keys instantly without page reload and outputs Base64-encoded ciphertext you can copy or share via URL.
Use 2048-bit for most applications — it is the industry standard recommended by NIST until 2030. Use 4096-bit for high-security scenarios like certificate authorities or long-lived keys. 512-bit and 1024-bit are insecure and should only be used for testing.
It depends on key size minus padding overhead. 1024-bit PKCS1: 117 bytes. 2048-bit PKCS1: 245 bytes. 2048-bit OAEP SHA-256: 190 bytes. 4096-bit PKCS1: ~501 bytes. This tool shows a live byte counter as you type. For larger data, use hybrid encryption (RSA + AES).
PKCS1 v1.5 is the legacy RSA padding scheme, vulnerable to Bleichenbacher padding oracle attacks. OAEP (Optimal Asymmetric Encryption Padding) with SHA-256 is the modern recommended standard, providing provable security against chosen-ciphertext attacks. Always use RSA/ECB/OAEPWithSHA-256AndMGF1Padding for new applications.
Select Sign mode, enter your message, choose SHA256withRSA, and click Sign. The tool creates a Base64 digital signature using your private key. To verify, click Use for Verify — the signature auto-populates and the tool switches to Verify mode. Click Verify to confirm authenticity using the public key.
Use the pycryptodome library: from Crypto.PublicKey import RSA and from Crypto.Cipher import PKCS1_OAEP. This tool includes a built-in Python compiler with ready-to-run templates for RSA encryption, key generation, OAEP, and signing. Click Try It Live to run code directly in your browser.
No data is permanently stored. Keys and messages are processed in-memory during your session only. The tool uses standard Java Cryptography Architecture (JCA) RSA implementations. For production secrets, generate keys offline. All connections use HTTPS with TLS 1.2+.
No. RSA is asymmetric — the public key encrypts, only the matching private key can decrypt. This is what makes RSA secure: anyone can encrypt with your public key, but only you hold the private key to decrypt. For digital signing the roles reverse: the private key signs, the public key verifies.

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site ? you're helping me build what developers actually need.

500K+ users
200+ tools
100% private
? One-time support Buy me a coffee ? Learn & support 9-Book Bundle - $9 ? Stay updated Follow @anish2good
Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.

🔗 Share RSA Result