Fair enough. Yes, cracking 128 bit encryption requires far more computing power than 64 bit, and if I were going to use a public-private key encryption system, I would certainly choose the highest number of bits possible, but the main point is that if someone develops an efficient factorization algorithm (say O(lg n) where n is the number being factored) then the number of bits used is irrelevant. Actually, the beauty of RSA (and similar public-private key schemes) is not that they are hard to crack conceptually, but rather that doing so requires a prohibitive amount of computing power per instance. Why does it take so much computing power? Only because no one has yet publicly proven that P = NP, and it's a very widely held BELIEF that P != NP. The person that can prove it either way gets at least 1 miliion dollars (offered by the Clay Mathematics Institute -- see
http://www.claymath.org/Millennium_Prize_Problems and look for P vs NP) though the solution would potentially be worth billions to the private sector since it impacts all of the physical sciences -- reading encrypted e-mail is the least interesting application in my opinion.
If memory serves (and it generally doesn't anymore) a grad student in California cracked an instance of 40-bit encryption in ~4 days back in the late 90's. I'll take your word that a 64-bit instance was cracked in ~4 years with a bunch of computers (probably a distributed environment running a variation of the quadratic sieve factorizer -- see
http://mathworld.wolfram.com/QuadraticSieve.html for a detailed explanation) but as you also point out, the NSA may very well have a factorizer in hand that works in P time (O(n^x), x some constant, n = the number of digits or bits in the number) that is capable of breaking any public-private key encryption system, and simply has kept the public ignorant of the fact. The main point is that we don't know simply because the possible existence of such a thing can not be proven or disproven. There are actually a lot of similarities between polygraphs and many number-theoretical assertions, algorithms, and open problems.
At any rate, some technological innovations can be considered nothing more than tools that have some inherent value to the people that use them (like polygraphs for polygraphers and number theoretical conjectures for encryption algorithm designers), even if the actual value is not necessarily as great as what most people believe it to be. That's really the extent of the point I was trying to make. Well, that, and one of my pet peaves happens to be gross generalizations like "In today's world no technology is safe for more than a few months.". The encryption algorithms that rely on a NP-Complete problem have been safe since their inception because of their very nature.