How do RSA cryptosystems work?

An RSA cryptosystem is an asymmetric encryption that is used in online data transfers due to its ease of use. It consists of a public and a private RSA key. The public key is used for encryption and its private counterpart for decryption. Since there is no algorithm that can determine the private key from the public key, the method is considered secure. In addition to encryption, the RSA cryptosystem is also suitable for generating digital signatures.

SSL certificates from IONOS

Protect your domain and gain visitors' trust with an SSL-encrypted website!

Easy activation
Proven safety
24/7 assistance

What is RSA encryption?

The most important feature of asymmetric encryption is that there is not a single key to re-decrypt a file, for example, but two. In RSA encryption, there is a public key, which is freely accessible, and a private key, which should preferably only be known to a single person. The original encryption is done with the public RSA key. However, the private RSA key is required for decryption. If the key is lost, the encryption can almost certainly not be broken.

The basis of the RSA cryptosystem is the trapdoor function known from mathematics. This states that a function can only be reversed if additional information is introduced. If this information isn’t provided, there are too many variables, meaning a solution cannot be calculated in a realistic time frame. In the case of the RSA cryptosystem, the private RSA key contains this additional information.


Find your perfect domain in just a few clicks! Secure your desired domain with IONOS at a reasonable price and benefit from numerous advantages, like Wildcard SSL, domain lock, and a matching email account.

How are RSA keys used?

An RSA cryptosystem can be used to convert data, text, or even an image into an algorithm and made unrecognizable. Without the private RSA key, the corresponding file remains unreadable and can neither be deciphered with the naked eye nor decoded by a program. The underlying data is first converted into natural numbers and then encrypted using the public RSA key. Both the public and the private RSA key consist of a pair of numbers, with one of the two numbers being identical in each case. This number is called the RSA module.

The two remaining numbers are called the encryption exponent and decryption exponent. They are formed from randomly selected prime numbers that have approximately the same scale but should not be too close to each other. Then, the numbers are calculated using mathematical formulas. The encryption process is publicly available and can therefore be easily reproduced. However, to make the encrypted text readable again, the private RSA key is needed in addition to the public key. Until now, there has been no algorithm that reliably breaks down a number into its prime factors.

What are RSA cryptosystems used for?

RSA encryption is used in many areas of everyday digital life. For example, the communication protocol HTTPS (Hypertext Transfer Protocol Secure) or SSL certificates are in most cases secured with an RSA encryption. An RSA cryptosystem is also suitable for encrypting emails, digital messengers, image data, or a hard disk. Since decryption would take too much time even at the highest computing power without the necessary RSA key, the method is considered comparatively secure.

In many cases, an RSA cryptosystem is combined with other methods of encryption to ensure that content or data cannot be opened or read without authorization. Even if you convert your website to SSL, in most cases a combination of different encryptions is used.


Get the best protection for your site and your site visitors! With a SSL certificate from IONOS, you not only ensure that you’re protected from third-party access, but also improve your ranking in popular search engines at the same time.

Digital signatures using RSA encryption

In addition to RSA encryption, which is used, for example, in SSL or TLS protocols the technique is also suitable for creating a digital signature. To confirm the authenticity of a message or file, and to also ensure that the file has not been subsequently edited, the signature is created using the private RSA key. The public key can then be used to check whether the signature and the corresponding file still match.


Protect your domain! The IONOS Domain Guard adds extra security through 2-factor authentication and DNSSEC. You can add this website protection conveniently and inexpensively when you purchase a domain.

We use cookies on our website to provide you with the best possible user experience. By continuing to use our website or services, you agree to their use. More Information.