📖 Description
1. What is RSA Encryption?
RSA (named after Rivest, Shamir, and Adleman) is currently the most widely used asymmetric encryption algorithm globally. Unlike symmetric encryption methods such as AES, RSA uses a pair of keys: a Public Key and a Private Key.
- Asymmetric Nature: Data encrypted with a public key can only be decrypted by its corresponding private key; conversely, data encrypted (signed) with a private key can only be decrypted (verified) by its corresponding public key.
- Security Basis: The security of RSA is based on the mathematical difficulty of factoring large integers. With increasing computational power, the industry currently recommends using key lengths of 2048 bits or higher.
2. Core RSA Operation Scenarios
This tool supports two core usage modes of RSA:
A. Data Encryption & Decryption (Ensuring Confidentiality)
- Process: The sender encrypts data using the recipient's public key -> the recipient decrypts it using their own private key.
- Scenario: Secure transmission of sensitive information (e.g., passwords, ID numbers) via interfaces, ensuring only the intended recipient can see the original content.
B. Digital Signature & Verification (Ensuring Authenticity)
- Process: The sender generates a signature for the data using their own private key -> the recipient verifies the signature using the sender's public key.
- Scenario: Payment callback verification (e.g., Alipay/WeChat Pay notifications), API authentication for open platforms.
3. Key Format and Length Specifications
When using the RSA tool, please pay close attention to your key format, as this is often the main cause of errors:
| Parameter |
Description |
Common Standards |
| Key Format |
PKCS#1 vs PKCS#8 |
PKCS#1 supports RSA only; PKCS#8 is a general format. Java typically uses PKCS#8. |
| Key Length |
1024 / 2048 / 4096 bit |
1024-bit is no longer recommended; 2048-bit is the current mainstream; 4096-bit offers the highest security but consumes more performance. |
| Padding Mode |
PKCS1Padding / OAEP |
It is essential to ensure that the padding mode used by both encryption and decryption parties is identical. |
4. Frequently Asked Questions (FAQ)
Q: Why can't RSA encrypt very long text?
A: The encryption length of RSA is limited by the key size. A 2048-bit key with PKCS#1 padding can encrypt a maximum of 245 bytes of data at once. To handle longer texts, the common practice is to encrypt the content using an [AES tool] and then encrypt the AES key using RSA (this method is called "hybrid encryption").
Q: How to distinguish between PKCS#1 and PKCS#8 formats?
A: Check the beginning text of the key:
- PKCS#1:
-----BEGIN RSA PRIVATE KEY-----
- PKCS#8:
-----BEGIN PRIVATE KEY----- (without the "RSA" text)
Q: Is the result of RSA public key encryption always the same?
A: No. Due to the Padding mechanism, the ciphertext generated by each encryption click will be different, but all of them can be decrypted by the corresponding private key to produce the same plaintext. This is a security protection mechanism.
5. Why Choose This Site's RSA Tool?
- Full Process Coverage: Supports key pair generation, public key encryption/private key decryption, private key signing/public key verification.
- Localized Computation: Extremely Important! Key security is paramount. This site guarantees that all RSA computations are performed locally in your browser. Your private key is never uploaded to our servers.
- Automatic Format Recognition: Intelligently identifies PKCS#1/PKCS#8 formats, compatible with RSA implementations in mainstream development languages like Java, PHP, Python, and Go.
- Optimal Experience: Supports both Base64 and Hex output formats, one-click clear, one-click copy, facilitating efficient development and debugging.
More RSA Basics: RSA In-Depth Analysis: Principles, Mathematical Foundation, Encoding, and Security