420 http://inventwithpython.com/hacking
Email questions to the author: [email protected]
There’s a problem, though. Remember that n is a number that is around 600 digits long. In fact,
Python’s math.sqrt() function can’t even handle a number that big (it will give you an error
message). But even if it could, Python would be executing that for loop for a very, very long
time.
Our Sun doesn’t have enough mass to eventually go supernova, but in 5 billion years it will
expand into a red giant star and utterly destroy the Earth. Even if your computer was still running
then, there’s still no chance that 5 billion years is long enough to find the factors of n. That is how
big the numbers we are dealing with are.
And here’s where the strength of the RSA cipher comes from: Mathematically, there is no
shortcut to finding the factors of a number. It’s easy to look at a small number like 15 and say,
“Oh, 5 and 3 are two numbers that multiply to 15. Those are factors of 15.” But it’s another thing
entirely to take a (relatively small) number like 178,565,887,643,607,245,654,502,737 and try to
figure out the factors for it. The only way we can try is by brute-forcing through numbers, but
there are too many numbers.
It is really easy to come up with two prime numbers p and q and multiply them together to get n.
But it is reasonably impossible to take a number n and figure out what p and q are. These facts
make the RSA cipher usable as a cryptographic cipher.
Summary
That’s it! This is the last chapter of the book! There is no “Hacking the RSA Cipher” chapter
because there’s no straightforward attack on the mathematics behind the RSA cipher. And any
brute-force attack would fail, because there are far too many possible keys to try: the keys are
literally hundreds of digits long. If you had a trillion buildings each with a trillion computers that
each tried a trillion keys every nanosecond, it would still take longer than the universe as been in
existence to go through a fraction of the possible keys. (And the electric bill for all those
computers would bankrupt every industrialized nation on the planet.)
That’s a lot of possible keys.
The RSA algorithm is a real encryption cipher used in professional encryption software. When
you log into a website or buy something off the Internet, the RSA cipher (or one like it) is used to
keep passwords and credit card numbers secret from anyone who may be intercepting your
network traffic.
Actually, while the basic mathematics used for professional encryption software are the same as
described in this chapter, you probably don’t want to use this program for your secret files. The
hacks against an encryption program like rsaCipher.py are pretty sophisticated, but they do exist.
(For example, the “random” numbers returned from random.randint() aren’t truly random