Dan Bernstein has a provocative paper on how he succesfully executed a complete AES key recovery in a lab setting. AES (Rijndael) is the current algorithm being promoted by NIST as the preferred method of encrypting data.
Instead of trying to crack the encrypted string, this approach attempts to learn about the encryption process as it executes by examining outside effects. In this case, the specific time certain parts of the encryption/decryption software takes to run leaks information to a potential attacker.
The autor notes that while this type of attack can be thwarted by not relying on array lookups, the performance hit is substantial enough to make use of the algorithm impractical.
I don't know if an attack like this has actually been pulled off in the wild yet. It sounds like your system would have to be pretty heavily compromised before this type of attack could take place.
cachetiming-20050414.pdf (application/pdf Object)