Contrary to popular belief, encryption [1] per se isn't all that difficult. The algorithms are well known and hardened, and typically, the actual encryption APIs (the bits of the program that do the actual munging of the bits) are pretty easy to use.
It's the encryption key management that's near impossible to handle correctly. Key [2] authorities [3] are [4] a [5] joke [6]. And even if the authorities in charge of encryption keys weren't a joke, it's still hard to exchange keys with random people [7] and know your communications aren't being monitored, never mind obtaining your encryption keys via literal eavesdropping [8] or through power consumption of your laptop [9] (previous two links via tedu [10]).
[1] https://en.wikipedia.org/wiki/Encryption
[3] http://jurinnov.com/the-threat-of-rogue-certificate-authorities/
[5] http://googleonlinesecurity.blogspot.com/2015/09/improved-digital-certificate-security.html?m=1
[6] http://www.kimmoa.se/The_CA_system_is_a_joke/
[7] http://www.veracode.com/security/man-middle-attack
[8] http://www.cs.tau.ac.il/~tromer/acoustic/
[9] http://www.tau.ac.il/~tromer/handsoff/
[10] http://www.tedunangst.com/flak/post/dont-encrypt-all-the-things