The answer is "yes." At least we hope it's hard to compute d.
Otherwise, RSA would be insecure.
This, of course, is only true if n is big enough and n is a product of two primes.
The reason the no answer doesn't work is because actually doing the computation
of the totient is difficult.
If we don't know how to turn n into a factor of primes, then it's hard to compute this.
We finished showing the correctness property for RSA.
Now we're getting to the question of how can we claim RSA is secure.
This claim that it is secure because otherwise it would be insecure
is not a very convincing proof.
That's what we're going to look at next.
