You’ve probably gotten a lot of this from your reading, but hopefully can help with at least one piece by walking through it.

RSA uses keys based on two big prime numbers. Your public key is a consistent algorithm using those two numbers, plus some fluff mixed in to make the ends neat and make that little bit harder to figure out what’s “meat” and what’s “fluff”.

The reason this is useful is because there isn’t a quick way to find all the factors of a big number. For example, you can tell if a number is divisible by two or three pretty easily, but if I give you a Real Big Number (RBN) and the number 43,769,461 the only way to figure out if it’s a factor of RBN is to try it out.

They use prime numbers because then there’s only one path each way to get our two unique factors from RBN. There are no “false” matches where it just happens to match up with what we’re looking for because it’s another factor. Some types of encryption can have more than one matching answer so you might have two or more, making it take half the time (or less) to find a “solution”.

So an analogy might be if I gave you a string of 40 numbers that included a section that was the product of multiplying my social security number by my phone number and then asked you to give me a call. Even if you knew the format of both numbers, you’d have a hard time figuring out one without the other. It would be even harder if the numbers were of unknown length, and harder still if they varied in length from say 15 to 30 digits (or more). It’s just a lot of ground to cover.

So to cover that ground, you’d basically have to take the RBN, determine what’s fluff, trim the fluff, take a guess at a possible factor, get the other factor, run it through your algorithm and then test that against your message to see if you got anything useful. If not, you try again.

If there are millions or billions (I really have no idea) of possibilities, that’s a computationally intensive routine to keep running, and takes real time no matter what kind of processing power you have. Since you’re basically just making a guess, and then figuring out what the next possible guess would be, and trying that.

The private key includes one of the numbers, so it can easily figure out the other with that and is the reason you can easily read the message with the key.

The math, the algorithm, the number length, how the numbers are generated, and the other details are all variables that can be used to keep it from being one process from start to finish. Which leaves some blanks for anyone trying to read the message to fill in.

RSA has a set algorithm, but as I understand it, leaves the rest up to implementation.

Help at all?