# How to generate RSA key pair | RSA Key Generator

**RSA Encryption**

**RSA** is an asymmetric encryption algorithm. With a given key pair, data that is encrypted with one key can only be decrypted by the other. This is useful for encrypting data between a large number of parties. Only one key pair per person is required. RSA is widely used across the internet with HTTPS.

This algorithm is called RSA because of the surnames of the three men who proposed it in 1977 (Ron Rivest, Adi Shamir, and Leonard Adleman). It is an asymmetric encryption system that uses two RSA Keys, known as a key pair.

As with other public-key encryption systems, RSA key exchange involves the sharing of a public key that is derived from the private key at the time of generation. In this type of encryption system, anybody with access to the private key can infer the public key.

Due to the complex mathematical system involved, the opposite (deriving the private key from the public key), is impossible. This is why it is safe to share the public key over the internet to establish a secure connection and begin sharing encrypted data.

##### How to create key-pair for RSA encryption?

Step 1 : Generate Private Key

Run this command to generate a 2084-bit private key and output it to the key.pem file. If you like, you may change the key length and/or output file.

`$ openssl genrsa -out key.pem 2048`

Step 2 : Derive Public Key

Extract the public key from the key pair, which can be used in a certificate

`$ openssl rsa -in key.pem -outform PEM -pubout -out public.pem`

Now we can use the private key to encrypt the data and the receiver can use this public key to decrypt the encrypted data.