PGP Key Pair Generator
Guide
PGP Key Pair Generator
Generate PGP public/private key pairs directly in your browser for email encryption, file signing, and identity verification. Choose between RSA and ECC key types, set an optional passphrase, and configure expiration. Both the public and private keys are output in standard ASCII-armored PEM format ready to import into any PGP-compatible application.
How to Use
Enter your name and email address to embed in the key’s User ID. Optionally add a comment and passphrase. Choose your key type (RSA 2048/4096 or ECC Curve25519), set an expiration period, then click Generate Key Pair. Copy or download both the public and private key blocks.
Features
- RSA and ECC support – RSA 2048 / 4096-bit or ECC Curve25519
- Passphrase protection – optional passphrase to encrypt the private key
- Configurable expiration – never, 1 year, 2 years, or custom days
- ASCII-armored output – standard PEM format compatible with GPG, ProtonMail, Keybase, and all PGP tools
- User ID embedding – name, email, and optional comment baked into the key
- Client-side only – private keys are generated and never leave your browser
FAQ
-
What is the difference between RSA and ECC for PGP keys?
RSA (Rivest–Shamir–Adleman) is the traditional PGP key algorithm offering wide compatibility. A 4096-bit RSA key provides strong security but is slower to generate and produces larger signatures. ECC (Elliptic Curve Cryptography) with Curve25519 offers equivalent security to RSA-3072 with much smaller keys and faster operations. The trade-off is that ECC has slightly less support in legacy PGP implementations.
-
What is ASCII armoring in PGP?
ASCII armoring converts binary PGP key data into Base64-encoded text wrapped with header and footer lines (e.g., -----BEGIN PGP PUBLIC KEY BLOCK-----). This makes binary cryptographic data safe to paste into emails, text files, and web forms without encoding corruption. The armored format is the standard way to share and store PGP keys and encrypted messages.
-
Why should I set an expiration date on my PGP key?
Setting an expiration date limits the damage if your private key is compromised without your knowledge. If an attacker obtains your key, an expiry ensures it eventually becomes invalid. You can always extend the expiration date on a key you still control — the expiry is a safety backstop, not a limitation on legitimate use. Keys without expiration dates remain valid indefinitely even if lost.
-
What is a PGP key fingerprint and why does it matter?
A PGP fingerprint is a short hash (typically 40 hex characters) of the public key, used to verify key identity without exchanging the full key. When someone gives you their public key, you verify the fingerprint through a trusted out-of-band channel (in person, phone call, etc.) to confirm you received the genuine key and not a substituted one. This prevents man-in-the-middle attacks in key exchange.
Install Our Extensions
Add IO tools to your favorite browser for instant access and faster searching
恵 Scoreboard Has Arrived!
Scoreboard is a fun way to keep track of your games, all data is stored in your browser. More features are coming soon!
Must-Try Tools
View All New Arrivals
View AllUpdate: Our latest tool was added on Mar 28, 2026
Get Involved
Help us continue providing valuable free tools
