RSA Encryption Tool Encrypt & Decrypt Messages

Configuration
Max: 117 bytes (1024-bit), 245 bytes (2048-bit)
RSA Keys
Result

Configure and click Process to see results

How RSA Encryption Works

RSA Key Generation

RSA keys are generated by selecting two large prime numbers and computing their product (modulus). The public key consists of the modulus and public exponent (typically 65537), while the private key includes the modulus and private exponent derived from the primes.

  • 512-bit: Weak, only for testing
  • 1024-bit: Deprecated, avoid for production
  • 2048-bit: Recommended minimum for production use
  • 4096-bit: High security, slower performance

Encryption & Decryption

Encryption: Uses the public key to transform plaintext into ciphertext. The mathematical operation ensures that only the corresponding private key can decrypt the message.

Decryption: Uses the private key to recover the original plaintext from ciphertext. The asymmetric nature ensures secure communication without pre-shared secrets.

Message Size Limits: RSA can only encrypt data smaller than the key size. For larger data, use hybrid encryption (RSA for key exchange, AES for data).

Padding Schemes

PKCS1Padding: Classic padding scheme, vulnerable to padding oracle attacks. Use only for legacy compatibility.
OAEP (SHA-1): Optimal Asymmetric Encryption Padding with SHA-1. More secure than PKCS1 but SHA-1 is deprecated.
OAEP (SHA-256): Recommended modern padding with SHA-256. Provides the best security against chosen-ciphertext attacks.

Common Use Cases for RSA Encryption

Secure Email

Encrypt email contents or attachments using recipient's public key. Only they can decrypt with their private key.

Key Exchange

Securely exchange symmetric keys (AES, DES) over insecure channels by encrypting them with RSA.

Digital Signatures

Sign documents by encrypting a hash with your private key. Others verify with your public key.

SSL/TLS Certificates

RSA keys are embedded in X.509 certificates used for HTTPS and secure connections.

Pro Tip: For encrypting large files or messages, use hybrid encryption: generate a random AES key, encrypt your data with AES, then encrypt the AES key with RSA. This combines RSA's key exchange security with AES's speed.

Security Best Practices

Do's

  • Use 2048-bit or larger keys for production
  • Use OAEP padding with SHA-256 for new applications
  • Keep your private key secure and never share it
  • Use hybrid encryption for messages larger than key size
  • Rotate keys periodically according to your security policy
  • Use this tool for testing and learning purposes
  • Generate keys offline for highly sensitive production use

Don'ts

  • Don't use 512-bit or 1024-bit keys in production
  • Don't use PKCS1Padding for new applications (use OAEP)
  • Don't encrypt large files directly with RSA (size limits apply)
  • Don't share your private key with anyone
  • Don't reuse the same key pair across different applications
  • Don't use this tool for encrypting highly classified data
  • Don't assume RSA alone provides message integrity (use signatures)

Why Trust This RSA Tool?

No Data Storage

Your keys and messages are processed in-session only. We don't log, store, or transmit your cryptographic data to third parties.

Open Standards

Built on standard Java Cryptography Architecture (JCA) using well-tested RSA implementations. No proprietary or unverified algorithms.

Educational Focus

Designed for learning, testing, and development. Perfect for understanding RSA concepts, cipher modes, and cryptographic operations.

Active Since 2017

Part of 8gwifi.org's suite of cryptography tools, serving developers and security professionals since 2017.

About the Developer: This tool is developed and maintained by Anish Nath, a Security Engineer with expertise in cryptography, PKI, and secure application development. Anish has created multiple open-source security tools and regularly publishes technical content on cryptographic implementations.

Connect: Twitter |

Frequently Asked Questions

RSA encryption is an asymmetric cryptography algorithm that uses two keys: a public key for encryption and a private key for decryption. Named after its inventors Rivest, Shamir, and Adleman, RSA is widely used for secure data transmission and digital signatures. The security is based on the mathematical difficulty of factoring large prime numbers.

Simply select your desired key size (512, 1024, 2048, or 4096 bits) using the key size buttons in the Configuration section. The tool automatically generates a new RSA key pair with both public and private keys in PEM format. The keys are stored in your session for use in encryption/decryption operations.

This tool supports multiple RSA cipher modes: RSA (default), RSA/ECB/PKCS1Padding, RSA/None/PKCS1Padding, RSA/NONE/OAEPWithSHA1AndMGF1Padding, RSA/ECB/OAEPWithSHA-1AndMGF1Padding, and RSA/ECB/OAEPWithSHA-256AndMGF1Padding. OAEP padding modes provide enhanced security compared to PKCS1Padding and are recommended for new applications.

The maximum message size depends on the key size and padding scheme. For 1024-bit keys with PKCS1Padding, you can encrypt up to 117 bytes. For 2048-bit keys, the limit is 245 bytes. For 4096-bit keys, the limit is approximately 501 bytes. For larger messages, use hybrid encryption where you encrypt data with AES and encrypt the AES key with RSA.

All encryption and decryption operations are performed securely without storing your keys or messages permanently. However, we recommend using 2048-bit or 4096-bit keys for production use. For highly sensitive data, consider generating keys offline and using this tool only for testing and educational purposes. Always follow your organization's security policies.

No, RSA decryption requires the private key. The public key is used only for encryption. This asymmetric property is fundamental to RSA and enables secure communication where anyone can encrypt messages using your public key, but only you (the private key holder) can decrypt them. This eliminates the need for secure key exchange.

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site — you're helping me build what developers actually need.

500K+ users
200+ tools
100% private
One-time support Buy me a coffee 📚 Learn & support 9-Book Bundle - $9 Stay updated Follow @anish2good
Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.
Quick Access