RSA Encryption Tool
RSA (Rivest-Shamir-Adleman) is a public-key encryption algorithm proposed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. It is one of the earliest and most widely used asymmetric encryption algorithms. This tool provides a professional online RSA encryption and decryption service, supporting 1024/2048/3072/4096-bit keys and the two standard formats PKCS#1 and PKCS#8, with automatic key-pair generation, suitable for scenarios such as data encryption, key exchange, and digital signatures.
Key features
🔐 Multiple Key Lengths
Supports 1024/2048/3072/4096-bit RSA keys to meet different security level requirements.
Input: Hello RSA
Public key: 2048-bit PEM-format public key
Output: Base64-encoded ciphertext
Features:
- 2048 bits is the currently recommended standard key length
- Provides 112-bit security strength
- Estimated to remain secure until 2030
- Good compatibility, balancing performance and security
📝 Dual Standard Formats
Supports both the PKCS#1 and PKCS#8 standard key formats, compatible with various application scenarios.
- PKCS#8: General standard, recommended (default)
- PKCS#1: Legacy RSA format, backward compatible
- PEM encoding, Base64 format
- Includes standard header and footer markers
- Cross-platform and cross-language compatible
- Interoperable with tools such as OpenSSL
🎲 Smart Key Generation
Automatically generates RSA key pairs, supporting real-time format switching and regeneration.
- Automatically generates a 2048-bit key pair when the page loads
- Choose the key length (1024-4096 bits)
- Choose the key format (PKCS#1/PKCS#8)
- One-click regeneration of the key pair
- One-click copy of public/private key
- Supports manually importing existing keys
🔧 Full Encryption/Decryption
Provides complete RSA encryption and decryption capabilities, supporting multiple encoding formats.
- Public-key encryption, private-key decryption
- Supports UTF-8/Hex/Base64 plaintext encoding
- Supports Base64/Hex ciphertext encoding
- Automatically handles padding (PKCS#1 v1.5)
- Detailed processing statistics
- One-click copy or export of results
How to use
Select key configuration
The page automatically generates a 2048-bit PKCS#8-format RSA key pair. You can choose another key length (1024/3072/4096 bits) or format (PKCS#1), then click “Regenerate Key Pair”.
Enter the data to encrypt
Enter the content to encrypt in the text editor. Note that RSA has a plaintext length limit; a 2048-bit key can encrypt at most 245 bytes. To encrypt large files, use a hybrid encryption scheme.
Run encryption or decryption
Click “Encrypt” to encrypt data with the public key, and click “Decrypt” to decrypt the ciphertext with the private key. The right side displays the processing result and statistics, which you can copy or export.
RSA Algorithm Explained
RSA is the first algorithm that can be used for both data encryption and digital signatures, and its security is based on the mathematical difficulty of factoring large integers. An RSA key pair contains a public key (for encryption) and a private key (for decryption); the public key can be shared publicly, while the private key must be kept strictly confidential. The RSA algorithm is widely used in SSL/TLS, SSH, PGP, digital certificates, and other fields, and is a cornerstone of modern network security.
RSA Algorithm Principles
🔢 Mathematical Foundation
Core problem: Integer factorization of large numbers
- Choose two large prime numbers p and q
- Compute n = p × q (the modulus)
- Compute φ(n) = (p-1) × (q-1)
- Choose the public-key exponent e (usually 65537)
- Compute the private-key exponent d such that e×d ≡ 1 (mod φ(n))
- Public key: (e, n), private key: (d, n)
🔐 Encryption & Decryption Process
- Encryption: Ciphertext c = m^e mod n
- Decryption: Plaintext m = c^d mod n
- m is the plaintext value, c is the ciphertext value
- Computed using the fast modular exponentiation algorithm
- The padding scheme (PKCS#1 v1.5) processes the plaintext
- Ensures the encryption result is different each time
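The key-generation steps and the two formulas above, carried through with toy numbers. This is an added example, not code from the tool; the primes 61 and 53 and the exponent 17 are constructed values chosen so the arithmetic can be checked by hand, and no padding is applied, so the same plaintext always yields the same ciphertext.

```javascript
// Added example: textbook RSA with toy primes (illustration only, no padding).

// Fast modular exponentiation (square-and-multiply): base^exp mod n.
function modPow(base, exp, n) {
  let result = 1n;
  base %= n;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % n;
    base = (base * base) % n;
    exp >>= 1n;
  }
  return result;
}

// Extended Euclid: returns d such that e*d ≡ 1 (mod phi).
function modInverse(e, phi) {
  let [r0, r1] = [phi, e % phi];
  let [t0, t1] = [0n, 1n];
  while (r1 !== 0n) {
    const q = r0 / r1;
    [r0, r1] = [r1, r0 - q * r1];
    [t0, t1] = [t1, t0 - q * t1];
  }
  if (r0 !== 1n) throw new Error('e and phi(n) are not coprime');
  return ((t0 % phi) + phi) % phi;
}

// Follows the steps listed above: n = p*q, phi = (p-1)(q-1), d = e^-1 mod phi.
function generateToyKey(p, q, e) {
  const n = p * q;
  const phi = (p - 1n) * (q - 1n);
  const d = modInverse(e, phi);
  return { publicKey: { e, n }, privateKey: { d, n } };
}

const encrypt = (m, { e, n }) => modPow(m, e, n); // c = m^e mod n
const decrypt = (c, { d, n }) => modPow(c, d, n); // m = c^d mod n

// Constructed sample values: p = 61, q = 53, e = 17, plaintext m = 65.
const { publicKey, privateKey } = generateToyKey(61n, 53n, 17n);
const c = encrypt(65n, publicKey);
console.log({ n: publicKey.n, d: privateKey.d, c, m: decrypt(c, privateKey) });
```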
RSA Key Length Explained
1024 bits (Not recommended)
- Security strength: About 80 bits, no longer secure
- Factoring difficulty: Can be broken by modern computing power
- Maximum plaintext: 117 bytes
- Usage recommendations: For learning and testing only; do not use in production
- Deprecation timeline: No longer recommended after 2010
2048 bits (Recommended)
- Security strength: About 112 bits, currently secure
- Factoring difficulty: Currently unbreakable, expected to remain secure until 2030
- Maximum plaintext: 245 bytes
- Usage recommendations: The standard choice for general scenarios
- Application: HTTPS certificates, SSH keys, code signing
- Performance: Well balanced with security
3072 bits
- Security strength: About 128 bits, high security
- Factoring difficulty: Estimated to remain secure beyond 2040
- Maximum plaintext: 373 bytes
- Usage recommendations: Enterprise applications, long-term certificates
- Performance impact: About 2x slower than 2048 bits
- Application: CA root certificates, sensitive data encryption
4096 bits
- Security strength: About 140 bits, extremely high security
- Factoring difficulty: Long-term security
- Maximum plaintext: 501 bytes
- Usage recommendations: Root certificates, government secrets, and core financial systems
- Performance impact: About 4-6x slower than 2048 bits
- Trade-off: Suitable for long-term storage, not for frequent encryption
PKCS#1 vs PKCS#8
PKCS#1 (RSA-specific)
Format characteristics:
- Public key header: -----BEGIN RSA PUBLIC KEY-----
- Private key header: -----BEGIN RSA PRIVATE KEY-----
- Applicable only to the RSA algorithm
- Legacy format with good backward compatibility
- OpenSSL default format (older versions)
Use cases:
- When compatibility with legacy systems is needed
- When some libraries only support PKCS#1
- Explicitly uses only the RSA algorithm
PKCS#8 (general standard)
Format characteristics:
- Public key header: -----BEGIN PUBLIC KEY-----
- Private key header: -----BEGIN PRIVATE KEY-----
- Supports multiple algorithms (RSA, DSA, ECC, etc.)
- Modern standard, recommended
- Includes the algorithm identifier
- OpenSSL default format (newer versions)
Use cases:
- New system development (recommended)
- When algorithm flexibility is needed
- Works with modern cryptographic libraries
- Standard format for languages such as Java and Python
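Telling the two formats apart by their PEM header and converting between them can be done with the Node.js built-in crypto module. This is an added example, not the tool's own code; the function names and the label table are assumptions made here, and the key is generated locally as sample input.

```javascript
const crypto = require('crypto');

// PEM header label -> format name as used on this page (added for this example).
const LABELS = {
  'RSA PUBLIC KEY': 'PKCS#1 public',
  'RSA PRIVATE KEY': 'PKCS#1 private',
  'PUBLIC KEY': 'PKCS#8 public', // Node names this public-key encoding 'spki'
  'PRIVATE KEY': 'PKCS#8 private',
};

// Classify a PEM string by its BEGIN line; anything else is 'unknown'.
function detectPemFormat(pem) {
  const m = /^-----BEGIN ([A-Z0-9 ]+)-----/m.exec(pem);
  return (m && LABELS[m[1]]) || 'unknown';
}

// Re-encode an unencrypted private key PEM as 'pkcs1' or 'pkcs8'.
function convertPrivateKey(pem, type) {
  return crypto.createPrivateKey(pem).export({ type, format: 'pem' });
}

// Re-encode a public key PEM as 'pkcs1' or 'spki'.
function convertPublicKey(pem, type) {
  return crypto.createPublicKey(pem).export({ type, format: 'pem' });
}

// Constructed sample key pair in the page's default format.
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 2048,
  publicKeyEncoding: { type: 'spki', format: 'pem' },
  privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
});

const pkcs1Private = convertPrivateKey(privateKey, 'pkcs1');
const pkcs1Public = convertPublicKey(publicKey, 'pkcs1');

console.log(detectPemFormat(privateKey), '->', detectPemFormat(pkcs1Private));
console.log(detectPemFormat(publicKey), '->', detectPemFormat(pkcs1Public));
// Converting back reproduces the original PEM: the key material is unchanged.
console.log(convertPrivateKey(pkcs1Private, 'pkcs8') === privateKey);
```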
RSA Use Cases
🌐 SSL/TLS (HTTPS)
Website SSL certificates use RSA for identity authentication and key exchange to protect website communication security
🔑 SSH Authentication
Server login uses RSA public-key authentication instead of password login to improve security
✍️ Digital Signature
Software signing, document signing, code signing, etc., ensuring source trustworthiness and integrity
📧 Email Encryption (PGP/GPG)
Use RSA to encrypt email content or digital signatures, protecting email privacy and authenticity
🔐 Key Exchange
Use RSA to transmit the symmetric encryption key, combined with algorithms such as AES to achieve hybrid encryption
💳 Payment Security
Bank card payments and e-commerce transactions use RSA to protect the transmission of sensitive information
🎫 Digital Certificate
The X.509 certificate system uses RSA for identity authentication and building the chain of trust
🔒 VPN Connection
When establishing a VPN tunnel, RSA is used for key negotiation and identity authentication
RSA usage recommendations and best practices
Plaintext length limit
⚠️ RSA Encryption Length Limit
Calculation formula: Maximum plaintext length = (key length / 8) - 11 bytes
- RSA-1024: Encrypts at most 117 bytes
- RSA-2048: Encrypts at most 245 bytes
- RSA-3072: Encrypts at most 373 bytes
- RSA-4096: Encrypts at most 501 bytes
Reason: PKCS#1 v1.5 padding requires 11 bytes of overhead
✅ Hybrid Encryption Scheme
For very long data, hybrid encryption is recommended:
- Generate a random symmetric key (such as an AES-256 key)
- Use the symmetric key to encrypt the actual data
- Use the RSA public key to encrypt the symmetric key
- Transmit the encrypted data and the key
- The recipient uses the RSA private key to decrypt the symmetric key
- Use the symmetric key to decrypt the actual data
Benefits: Combines the security of RSA with the efficiency of AES
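The length limit and the six hybrid steps above, shown with the Node.js built-in crypto module. This is an added example, not the tool's code: AES-256-GCM for the data and OAEP (SHA-256) for wrapping the AES key are choices made here, and the function names and the sample message are constructed.

```javascript
const crypto = require('crypto');

// PKCS#1 v1.5 limit from the formula above: (key length / 8) - 11 bytes.
const maxV15Plaintext = (bits) => bits / 8 - 11;

// True if a plaintext of `len` bytes fits in one PKCS#1 v1.5 RSA operation.
function fitsInOneBlock(publicKey, len) {
  try {
    crypto.publicEncrypt(
      { key: publicKey, padding: crypto.constants.RSA_PKCS1_PADDING },
      Buffer.alloc(len, 0x41));
    return true;
  } catch {
    return false; // OpenSSL rejects data too large for the key size
  }
}

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Steps 1-4: random AES key, encrypt the data, wrap the key with RSA, bundle.
function hybridEncrypt(publicKey, data) {
  const aesKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(data), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, aesKey);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Steps 5-6: unwrap the AES key with the private key, then decrypt the data.
function hybridDecrypt(privateKey, { wrappedKey, iv, ciphertext, tag }) {
  const aesKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, iv);
  decipher.setAuthTag(tag); // final() throws if the data or tag was modified
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
}

// Constructed sample input: a 10,000-byte message, far above the 245-byte limit.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const message = Buffer.alloc(10000, 'constructed sample data ');
const envelope = hybridEncrypt(publicKey, message);

console.log(fitsInOneBlock(publicKey, 245), fitsInOneBlock(publicKey, 246));
console.log(hybridDecrypt(privateKey, envelope).equals(message));
```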
Key management best practices
🔑 Private Key Protection
- Encrypted storage: The private key file should be stored encrypted
- Access control: Set file permissions to 400 or 600
- Password protection: Encrypt the private key with a strong password
- Backup strategy: Securely back up the private key to multiple locations
- Hardware protection: Consider using an HSM or smart card
- Leak handling: Revoke and replace immediately once leaked
🔄 Key Rotation
- Regular replacement: It is recommended to change the key pair every 1-2 years
- Certificate validity period: Follow certificate validity period management
- Gradual migration: Support the transition between old and new keys at the same time
- Revocation mechanism: Establish a key revocation process
- Version management: Record the key version and usage time
📋 Key Distribution
- Public key disclosure: The public key can be safely made public
- Certificate mechanism: Use digital certificates to verify the authenticity of the public key
- Secure channel: Distribute through secure channels such as HTTPS
- Fingerprint verification: Verify the public key fingerprint through other channels
- Chain of trust: Establish a complete chain-of-trust system
Security Considerations
⚠️ Avoid Common Mistakes
- ❌ Using 1024-bit keys (no longer secure)
- ❌ Encrypting large files directly with RSA
- ❌ Storing private keys in plaintext
- ❌ Using weak random number generators
- ❌ Transmitting private keys over insecure networks
- ❌ Not changing keys for a long time
- ❌ Ignoring the security of the padding scheme
✅ Recommended Practices
- ✅ Use 2048-bit or higher keys
- ✅ Use hybrid encryption for large data
- ✅ Encrypt and restrict access to private keys
- ✅ Use cryptographically secure random numbers
- ✅ Use the PKCS#8 standard format
- ✅ Rotate key pairs regularly
- ✅ Use OAEP padding (if possible)
Cross-language implementation reference
💻 Common Programming Languages
JavaScript/Node.js:
- JSEncrypt (used by this tool) - browser side
- node-forge - Node.js side
- crypto module - Node.js built-in
Java:
- java.security package
- Bouncy Castle library
Python:
- cryptography library
- PyCryptodome library
- rsa library
PHP:
- openssl extension
- phpseclib library
Go:
- crypto/rsa package
- crypto/x509 package
🔧 Command-Line Tools
OpenSSL:
- Generate key pair
- Format conversion
- Encryption & Decryption
- Certificate management
GnuPG:
- PGP encryption
- Digital signature
- Key Management
FAQ
❓ Why is the encryption result different each time?
RSA uses random padding (PKCS#1 v1.5 padding), adding random bytes before the plaintext. This ensures that the same plaintext produces different ciphertext on each encryption, preventing dictionary attacks. This is a normal and necessary security feature, and the padding is automatically removed during decryption.
❓ How much data can RSA encrypt?
RSA is not suitable for encrypting large data. A 2048-bit RSA key can encrypt at most 245 bytes. For large files, you should use hybrid encryption: encrypt data with AES and encrypt the AES key with RSA. This ensures security while improving efficiency. RSA’s strengths are key exchange and digital signatures, not encrypting large amounts of data.
❓ Are 2048-bit keys still secure?
2048-bit RSA keys are currently secure. According to NIST estimates, 2048-bit keys are expected to remain secure until 2030. For general commercial applications, 2048 bits is sufficient. However, if you need long-term confidentiality (over 10 years) or extremely high security, it is recommended to use 3072 or 4096 bits. Quantum computers may threaten RSA in the future, at which point migration to quantum-resistant algorithms will be necessary.
❓ Can I encrypt with the private key and decrypt with the public key?
Theoretically yes, but this is not the correct use of encryption; rather, it is the principle of digital signatures. The private key “encrypts” (signs) to prove identity, and the public key “decrypts” (verifies) to prove the source is trustworthy. True encryption should be public-key encryption and private-key decryption, so that only those who hold the private key can decrypt it.
❓ What is the difference between PKCS#1 and PKCS#8?
PKCS#1 is an RSA-specific format whose header contains the word “RSA”. PKCS#8 is a general-purpose format that supports multiple algorithms and whose header does not contain the algorithm name. PKCS#8 is recommended, because it is the modern standard with better compatibility, and languages such as Java and Python use PKCS#8 by default. The two can be converted into each other.
Learning resources
📚 Technical Standards
- PKCS#1 v2.2 - RSA encryption standard
- PKCS#8 - Private-Key Information Syntax Standard
- RFC 8017 - RSA algorithm specification
- NIST FIPS 186-4 - Digital Signature Standard
🔧 Tool Documentation
- OpenSSL documentation
- JSEncrypt usage guide
- Documentation for cryptographic libraries in various languages