The NSA's capabilities for cracking encryption are not known outside the agency. However, the most secure part of an encryption system remains the "mathematics of cryptography," Schneier said. The greater weaknesses, and the ones most likely to be exploited by governments in general, are the systems at the start and end of the data flow.
"I worry a lot more about poorly designed cryptographic products, software bugs, bad passwords, companies that collaborate with the NSA to leak all or part of the keys, and insecure computers and networks," Schneier said in a blog post. "Those are where the real vulnerabilities are, and where the NSA spends the bulk of its efforts."
Bocek agreed, saying that the most serious vulnerabilities are often in the systems companies use to manage the keys and certificates for encrypting data.
"While encryption provides a significant barrier and certainly makes it economically expensive if I'm going to attack directly, it doesn't mean that I as the enterprise is invincible," he said.