I am curious how you think the cracking community was and is able to create CD-key generators within minutes of new games being released despite as you write: "No mathematics can do it"?
Do they practice magic or maybe I am right in that the software used to authenticate ( the game ) IS THE KEY that you can use to unlock ANY encrypted information with? ( including encrypted passwords or encrypted lists/generators of valid CD-keys stored offline on your own disk ).
In this case the weakest link is the authentication software ( the game ), and the fact that all information is stored offline where you ( or any cracking tool ) can read them.
You have to understand that not all forms of cryto are similar. CD keys that have an easily reversed engineered algorithm stored in an offline exe is quite different from publicly available programs based on PGP like GNU Privacy Guard.
The CD key just unlocks the game, so by removing the "lock", or the part that authenticates the CD key from the exe you have access to the game.
On the other hand, encrypted saves are considerably more complex and harder to reverse engineer without the private key if implemented right. You should not make a mistake distinguishing between the engine (the program), the puzzle (encrypted save) and the key (your private key). Even removing the part from the game that authenticates the save would mean that it's unable to actually decrypt it, leaving you unable to open the save still while still being able to play the game.
This is similar to how emails are secured via public encryption programs, and a public key/private key system.
Programs tend not to be protected like that simply because it needs to actually run, and running stuff that's encrypted should have a lot more lag, and a separate translation layer in between to encrypt/decrypt information passing through. Once you load the entire program into memory it's basically unencrypted anyway, and some attacks can proceed like that.
