You might wonder why an attacker cannot simply calculate d
himself, since you have already given him n = p * q and e.
Surely that is enough to reconstruct d with a little work!
Actually, we have given away little of value. Even though an
attacker has p * q, he does not have (p-1)*(q-1), which is
what he really needs. Unless he can factor n, there is no
known easy way of deriving the latter from the former. And
factoring n is believed to be computationally infeasible when
n is a few hundred digits long. By the way, key lengths of RSA
keys are often described by their number of bits rather than
by their number of decimal digits (so you may need to divide
or multiply by about three-and-a-half to convert between these
ways of describing keys).

The lovely effect of this arrangement is that you need
not worry at all about the security of your public key; you
can send it in unsecured e-mail, or publish it in the
newspaper. Anyone who sees your public key can encrypt a
message that you alone can decrypt (not even the sender can
decrypt it; although the sender could, of course, keep the
pre-encrypted original).
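
The relationship described above, as an added Python example that is not part of the original text: d is computed from (p-1)*(q-1), and anyone who learned (p-1)*(q-1) could recover p and q from n, which is why obtaining it is as hard as factoring. The function names and the toy primes 61 and 53 are constructed for illustration.

```python
# Added illustration with constructed toy values; real RSA primes are
# hundreds of digits long and real systems also apply padding (omitted here).
from math import isqrt

def private_exponent(p, q, e):
    """Derive d from the secret factors: d = e^-1 mod (p-1)*(q-1)."""
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)          # modular inverse, Python 3.8+

def factors_from_phi(n, phi):
    """Show that learning (p-1)*(q-1) is as good as factoring n.

    Since phi = n - (p + q) + 1, we get s = p + q, and p and q are the
    roots of x^2 - s*x + n = 0.
    """
    s = n - phi + 1
    disc = s * s - 4 * n
    root = isqrt(disc)              # raises ValueError if disc is negative
    if root * root != disc:
        raise ValueError("phi does not match n")
    return (s - root) // 2, (s + root) // 2

def decimal_digits(bits):
    """Decimal digits in the largest number that fits in `bits` bits."""
    return len(str((1 << bits) - 1))

if __name__ == "__main__":
    p, q, e = 61, 53, 17            # constructed toy key, far too small for real use
    n = p * q                       # public key is (n, e)
    d = private_exponent(p, q, e)   # private exponent, needs p and q
    message = 65
    ciphertext = pow(message, e, n) # anyone holding (n, e) can encrypt
    print("n =", n, "d =", d)
    print("decrypted:", pow(ciphertext, d, n))
    print("factors recovered from phi:", factors_from_phi(n, (p - 1) * (q - 1)))
    print("2048-bit modulus has", decimal_digits(2048), "decimal digits")
```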