You may generate an RSA private key with the help of this tool. Additionally, it will display the public key of a generated or pasted private key.

## Description

RSA is an asymmetric encryption algorithm. With a given key pair, data that is encrypted with one key can only be decrypted by the other. This is useful for encrypting data between a large number of parties; only one key pair per person need exist. RSA is widely used across the internet with HTTPS.

To generate a key pair, select the bit length of your key pair and click **Generate key pair**. Depending on length, your browser may take a long time to generate the key pair. A 1024-bit key will usually be ready instantly, while a 4096-bit key may take up to several minutes. For a faster and more secure method, see **Do It Yourself** below.

CryptoTools.net does not yet have a tool for facilitating the encryption and decryption of data using RSA, but you may **Do It Yourself** with the instructions below.

## Do It Yourself

For these steps, you will need a command line shell with OpenSSL. Ideally, you should have a private key of your own and a public key from someone else. For demonstration, we will only use a single key pair.

#### Generate Private Key

Run this command to generate a 4096-bit private key and output it to the **private.pem** file. If you like, you may change the key length and/or output file.

$ openssl genrsa

#### Derive Public Key

Given a private key, you may derive its public key and output it to **public.pem** using this command. (You may also paste your OpenSSL-generated private key into the form above to get its public key.)

$ openssl rsa -in private.pem -pubout -out public.pem

#### Encrypt Data

We can now use this key pair to encrypt and decrypt a file, **data.txt**.

$ openssl rsautl -encrypt -inkey public.pem -pubin -in data.txt -out data.txt.enc

#### Decrypt Data

Given the encrypted file from the previous step, you may decrypt it like so.

$ openssl rsautl -decrypt -inkey private.pem -in data.txt.enc -out data.txt