Key Generator
RSA and ECDSA in your browser
RSA: Estándar para cifrado y firmas. 2048-bit mínimo, 4096-bit para máxima seguridad.
ECDSA: Curvas elípticas. Claves más cortas con seguridad equivalente. P-256 ≈ RSA 3072-bit.
Cryptographic Key Generator: RSA, AES, ECDSA
Cryptographic keys are the foundation of digital security: TLS/HTTPS, SSH, JWT signing, encrypted email (PGP), Bitcoin. Our generator creates keys of adjustable length for RSA (2048/3072/4096), AES (128/192/256), ECDSA (P-256/P-384/P-521), and HMAC.
All keys are generated with crypto.subtle.generateKey (Web Crypto API), which uses your OS's cryptographic entropy. The same primitives that Firefox and Chrome use for TLS. Exportable in PEM, JWK, and raw hex formats.
IMPORTANT: for production, generate keys on the machine that will use them. This tool is for learning, testing, or dev use — never share real production private keys with any online tool.
How does it work?
- 1Select algorithm and length
RSA-2048 (compatibility), RSA-4096 (higher security), ECDSA-P-256 (modern, small), AES-256 (symmetric).
- 2Generate the key
Click generate. The key appears in PEM, JWK, and hex formats.
- 3Copy or download
Export as file (.pem, .jwk, .txt) or copy to clipboard. Store securely.
Frequently Asked Questions
RSA-2048 is secure until at least 2030 according to NIST. RSA-4096 offers greater long-term margin but is 8x slower to generate and 3-5x slower to sign. For most applications, 2048 is sufficient. For very sensitive data (health, defense), use 4096.
ECDSA (elliptic curves) offers similar security with much smaller keys: ECDSA-P-256 (256 bits) ≈ RSA-3072 in security. Preferred for TLS, JWT, and cryptocurrencies. RSA is still widely used for compatibility.
Never store it in plaintext. Encrypt it with a strong password (openssl uses AES-256-CBC). Restrict filesystem permissions (chmod 600). Never commit it to git. Consider hardware modules (YubiKey, HSM) for critical keys.