RSA or EC — which should I choose?

EC (P-256 or P-384) for most new applications: smaller keys, faster signing, equivalent security. RSA for compatibility with legacy systems that don't support EC.

What's the difference between P-256 and P-384?

Both are NIST elliptic curves. P-256 is sufficient for most purposes (128-bit security). P-384 provides 192-bit security for very high-assurance applications like government certificates.

Are the generated keys stored anywhere?

No — keys are generated entirely in your browser using the Web Crypto API and never transmitted. Download them immediately; they cannot be recovered after you close the page.

Key Pair Generator | DevTools Surf

DevTools Surf

About Key Pair Generator

Key Pair Generator preview - Security / Crypto tool

Generate RSA or EC key pairs with configurable key size and curve. Part of the DevTools Surf developer suite. Browse more tools in the Security / Crypto collection.

Use Cases

Generate RSA or EC key pairs for TLS certificates, SSH authentication, or JWT signing.
Create key pairs for testing PKI workflows before using a production CA.
Generate EC keys for use with elliptic curve Diffie-Hellman (ECDH) key exchange.
Produce development-environment signing keys for code signing or document encryption.

Tips

Use RSA-2048 as the minimum for new keys; RSA-4096 for long-lived certificates or high-security contexts. NIST deprecated RSA-1024 in 2013.
EC keys (P-256 or P-384) are significantly smaller and faster than RSA at equivalent security levels — prefer EC for new applications.
Download private keys immediately after generation and store in a secrets manager — they cannot be regenerated and are not retained server-side.

Fun Facts

RSA (named for Rivest, Shamir, Adleman) was developed in 1977 at MIT. An equivalent system was independently developed by Clifford Cocks at GCHQ in 1973 but kept classified until 1997.
Elliptic curve cryptography (ECC) provides equivalent security to RSA at much shorter key lengths: a 256-bit EC key is approximately as strong as a 3072-bit RSA key — 12x smaller.
Quantum computing threatens RSA and ECC through Shor's algorithm. NIST published the first post-quantum cryptography standards (CRYSTALS-Kyber for key exchange, CRYSTALS-Dilithium for signatures) in 2024.

FAQ

RSA or EC — which should I choose?: EC (P-256 or P-384) for most new applications: smaller keys, faster signing, equivalent security. RSA for compatibility with legacy systems that don't support EC.
What's the difference between P-256 and P-384?: Both are NIST elliptic curves. P-256 is sufficient for most purposes (128-bit security). P-384 provides 192-bit security for very high-assurance applications like government certificates.
Are the generated keys stored anywhere?: No — keys are generated entirely in your browser using the Web Crypto API and never transmitted. Download them immediately; they cannot be recovered after you close the page.

Related Security / Crypto Tools

Hash Generator v2 HMAC Generator v2 JWT Encoder Bcrypt Hash Tester HMAC Generator Password Strength Analyzer TOTP / 2FA Generator SAML Response Decoder