An RSA key pair consists of a public key (used for encryption or signature verification) and a private key (used for decryption or signing). RSA security is based on the mathematical difficulty of factoring the product of two large prime numbers (p × q = n). The public key contains the modulus n and exponent e, while the private key contains n, the private exponent d, and the original primes p and q for CRT optimization.

An EC key pair uses elliptic curve cryptography. The private key is a randomly generated integer d, and the public key is a point Q = d × G on the curve (where G is the generator point). EC keys provide equivalent security to RSA with much smaller key sizes — a 256-bit EC key offers security comparable to a 3072-bit RSA key.

EC is generally recommended for new applications due to smaller keys, faster operations, and lower bandwidth. RSA remains widely deployed and well-understood. Choose EC for modern TLS/SSL, SSH, and mobile applications. Choose RSA if you need compatibility with legacy systems or prefer a more established mathematical foundation. Both are considered secure when using recommended key sizes.

RSA 2048-bit is the current minimum recommendation and is considered secure through ~2030. RSA 4096-bit provides a higher security margin and is recommended for long-term secrets (10+ years). NIST and most security guidelines now recommend at least 2048 bits, with 3072 or 4096 bits preferred for sensitive applications.

P-256 (prime256v1) offers a great balance of security and performance — equivalent to ~128-bit symmetric security. P-384 provides ~192-bit security and P-521 provides ~256-bit security. For most applications, P-256 is the recommended default. All three NIST curves are widely supported and considered secure.

Yes. This tool uses the browser's built-in Web Crypto API which leverages the operating system's cryptographically secure pseudo-random number generator (CSPRNG). The keys never leave your device, and the generation process uses the same underlying security primitives as OpenSSL and other trusted cryptographic libraries. For production use, always verify your deployment environment.

A key fingerprint is a short hash (SHA-256 in this tool) of the public key's DER-encoded form. It serves as a unique, human-verifiable identifier for a key — similar to how SSH displays fingerprints when connecting to a new host. You can use it to verify that a key hasn't been tampered with during transmission.

This tool supports exporting keys in PEM format (SPKI for public keys, PKCS8 for private keys) — the standard format used by OpenSSL and most servers. JWK (JSON Web Key) format is also available, which represents keys as JSON objects — ideal for web applications and JWT signing. Both formats are industry standards.

CRT (Chinese Remainder Theorem) parameters — dp, dq, and qinv — are precomputed values stored alongside the RSA private key. They speed up RSA decryption and signing by approximately 4× by allowing modular exponentiation to be computed separately modulo p and q, then combined. Most RSA implementations use CRT for performance.

While the keys generated here are cryptographically valid, production environments should use purpose-built tools like OpenSSL, ssh-keygen, or hardware security modules (HSMs). This tool is designed for education, testing, and development. For production, ensure proper key storage (encrypted at rest), backup procedures, and access controls are in place.