That's a strong assumption that the upper bound is the math. We haven't seen the rest of Snowden's documents.
I think one of the points in saying this is what it leads to. If the upper bound is the mathematics, and the mathematics is weak (e.g. triple ROT13), then you can't get any more security than that. Well, you sort of can, but that's security through obscurity, or security theatre, which is a fairly weak stance to take.