Re: The security megathread: Detailed info about keypairs, encryption, and more
Board: Development & Technical Discussion
by BlackHatCoiner on 12/02/2021, 16:46:37 UTC
Merited by NotATether (1)
This is a great topic. I hope you continue expanding it. I like spending my free time just going through all these technical explanations, even if I'm not good enough at fully understanding them. Some questions:

Second, private keys take exponentially more time to brute-force than a medium-length password (you need a password length of about 311 ASCII characters to provide the equivalent security of an RSA-2048 private key, and 622 characters for an RSA-4096 key).
Can you explain why that happens? And brute forcing what algorithm? I suppose that since RSA encryption is different than just keeping hashed passwords on a database, you probably mean brute forcing a message digest algorithm. But why 311?

Decrypting a message with RSA:

Average-speed way: compute secretMessage = encryptedMessage**privateExponent mod modulus. You need to get the user password for the private key if it is password-protected (encryption doesn't require a password prompt)
I get that it is possible and thankfully, you wrote the mathematical equation, but why does that happen? Why do you get the message once you raise the encryptedMessage to the power of privateExponent and then take the modulus of this process? I don't understand how we end up with the secret message with these mathematical operations. Sorry for my terrible mathematical grammar. I don't tend to write about maths very often. I actually only discuss maths and cryptography on bitcointalk.

AFAIK modulus is the remainder of a division. With what do you divide encryptedMessage**privateExponent?



My suggestion is to explain ECC in one of these future materials. I would be very interested in understanding the maths behind ECDSA encryption which tyrannizes me these days!
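
An added example, not part of the original post or thread: the quoted formula secretMessage = encryptedMessage**privateExponent mod modulus, worked through as textbook RSA in Python. The primes 61 and 53, the exponent 17 and the message 65 are constructed sample values, and the function names are illustrative.

```python
# Textbook RSA with tiny constructed primes, for illustration only.
# Real keys use primes of 1024 bits or more, and raw RSA without
# padding (e.g. OAEP) must never be used to protect real data.
from math import gcd


def make_keypair(p, q, e):
    """Return (modulus, public_exponent, private_exponent) for primes p, q."""
    n = p * q                                     # the "modulus" in the formula
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    if gcd(e, lam) != 1:
        raise ValueError("public exponent must be coprime to lcm(p-1, q-1)")
    # The private exponent is chosen so that e*d = 1 + k*lam for some k.
    d = pow(e, -1, lam)                           # modular inverse, Python 3.8+
    return n, e, d


def encrypt(message, e, n):
    """c = m**e mod n: the remainder after dividing m**e by the modulus n."""
    if not 0 <= message < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(message, e, n)


def decrypt(ciphertext, d, n):
    """m = c**d mod n: the division is again by the modulus n.

    (m**e)**d = m**(e*d) = m**(1 + k*lam), and m**lam leaves remainder 1
    modulo each prime factor of n, so what remains is m itself.
    """
    return pow(ciphertext, d, n)


def roundtrip_holds_for_all(n, e, d):
    """Check decrypt(encrypt(m)) == m for every m in [0, n).

    This includes messages that share a factor with n (multiples of p or q).
    """
    return all(decrypt(encrypt(m, e, n), d, n) == m for m in range(n))


# Constructed sample parameters.
P, Q, E = 61, 53, 17
N, _, D = make_keypair(P, Q, E)

if __name__ == "__main__":
    c = encrypt(65, E, N)
    print(f"n={N} e={E} d={D} ciphertext={c} decrypted={decrypt(c, D, N)}")
    print("round trip holds for every message:", roundtrip_holds_for_all(N, E, D))
```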