Bought Simon Singh's The Cracking Codebook in Bangkok airport. At just 250 pages, you can read it in a few hours. Several chapters included the clearest descriptions I've ever read of the Enigma technology and RSA/PGP technology.
The book, written for a "youth" audience has lots of incredibly lucid and detailed explanations. Singh described these things better than any description I've seen before.
It did gush too much about RSA being unbreakable, though.
RSA encryption depends on using a key composed of two very large prime numbers multiplied together. Now theoretically you will use numbers so huge that they take lifetimes of the universe to factor the resulting multiplicated number into the two intital prime numbers. However I see two problems:
1) Everyone already admits that it's possible the NSA has figured out some clever way to factor numbers much faster than anyone realizes possible. If so, then RSA is worthless. This is a well-known concern.
2) What they didn't mention was practical implementation of the system. It's well-understood how difficult it is to make quality random numbers. RSA requires something even tougher, choosing random and really big (10^150 etc) prime numbers. I am sure the difficulty of this makes for a practical weakpoint.
Cracking enigma messages provides a good example for this. An enigma message had two parts, a "day key" and a "message key." The day key was the encryption settings being used all users of the enigma machine on a given day. It would be used to encrypt three letters chosen by the enigma machine operator to encrypt the text of the message. This should make it harder to decipher a random message. However, Allan Turing guessed that field operators would do a bad job of choosing strong message keys, that they'd do dumb things like choose repetitions (qqq vvv iii) or adjacent keyboard keys (qwe asd ghj). These short cut guesses (cribs) could be then used to jumpstart decryption attempts for single messages. It worked well.
So what I can imagine happening is the NSA has worked hard to think about all the bad ways people would generate large prime numbers and formulated lists of the million most likely prime numbers. Then you try those first, so instead of taking a 10^348 billion years to decrypt, it takes 10 seconds.
I need to pull up my Bruce Schneir "Applied Cryptography" book and see what he says about RSA key generation.