I don’t disagree in principle, only on the limitation that it’s the only possibility, that there’s only one way to do it, and that it will forever be safe.
A few years ago the standard ‘best practice’ was to store MD5 hashes instead of passwords, because of the math. That didn’t last long once rainbow tables became feasible.
Not long ago, bitcoin could be mined with a CPU. That arms race through GPUs, FPGAs, and ASICs was something to watch. Did the math predict that mining power would get so centralized that quickly?
Have you seen how many vulnerabilities have been discovered in SSL recently (nevermind it’s inherent flaws in the trust model)? The math said it was secure.
Any one standard so widely used as to become ubiquitous is going to be worth breaking by someone. They’ll find ways to get around the math limitations, or ways to backdoor it or inject flaws into the system.
The math of public-key encryption is good, but if there are easy ways around it (like ordering a company to disable it or give up the key, or faking their key, or hiring someone to plant a trusted key), and everyone is depending on one potential single point of failure, then it will be broken. Even if it isn’t easy, it will be worthwhile to someone.
