I said more about this in the longer version of the article, but regarding your analogy, that's related to the distinction between the known-cipher and unknown-cipher case. Your analogy, to the extent that only you understand what remains after applying the standardized decryption, actually has one more cipher at the end that the attackers don't know, which puts it into the "unknown cipher" case. (EDIT: Yikes! That previously said "unknown cipher-text" and has since been corrected.)

And this indeed is a harder kind of cryptanalysis, and I expect cryptanalytic methods to be less productive in the corresponding areas of science -- to the extent that the attacker must first learn the cipher, they have a lot more work to do. But if it's a simple cipher that, say, falls prey to simple frequency analysis, then even that can be broken.

For a further explanation, here's an excerpt of what I was had in the longer-longer version:

Now, there are two kinds of cryptanalysis I'll focus on, and for which I'll give the mapping to a problem in science:

Known-cipher cryptanalysis: Cryptographers usually focus on this kind of attack, because it's usually assumed that "the enemy knows the cipher" (but not the key), or at least, they must make the system safe even in the case where the enemy does know the cipher. This is very much like the problem of parameter estimation. ...

Unknown-cipher cryptanalysis: This is, of course, tougher than the known cipher kind, although (for reasons I won't go into here), cryptographers advice against choosing a cipher based on "the enemy doesn't know of it!" However, over the history of codes and codebreaking, more general methods were developed that allow you to find regularities in the ciphertext from which you can infer the plaintext, even if you didn't originally know what cipher was being used.

[end excerpt]With that in mind, I don't think your analogy carries over as an explanation for why cryptanalysis would fail on scientific problems. Remember, the plaintext being sought is in the form of observations. To the extent that we can infer the plaintext, where the plaintext is yet-to-be-observed data, then we have cryptanalytically solved a scientific problem because we can predict the data, even if we can't ascribe any deeper meaning to it.

In short:

1) The plaintext refers to the meaningful plaintext, and so your example implicitly adds one more unknown cipher, a case generally ignored by cryptographers because of Kerchoff's law.

2) In science, once you can consistently predict future data, you have the (analog of the) plaintext.

I oversimplified there [1], but even with your corrected phrasing of the situation, that suggests some room for cryptanalysis-based improvement in science, because finding any pattern distinguishable from randomness is a win for science as well.

Given that nature does not deliberately or intelligently add the entropy that halfway-decent ciphers add, then the patterns belonging to the weaker, lower-entropy set of observable data that nature is limited to should be a much easier problem for cryptanalysts than the ciphers they normally try to attack.

In other words, when it comes to injecting entropy into ciphertexts, nature couldn't hold a candle to even the easily-broken ciphers. Right?

[1] To be precise, it would have to be something more tautologous like, "For a given cryptanalytic goal, the best cryptanalytic methods can meet that goal for a cipher with the level of complexity in the most complex cipher broken for that goal and all ciphers of lower complexity."

I write a message in Klingon to a friend. You intercept it. You've never heard of the Klingon language before and have no information about it whatsoever. Is it possible to "decrypt" the message and produce an English translation, assuming that the message is long enough?

The answer to this is far from clear. Part of the question is more linguistic and philosophical than cryptanalytic. There are historical examples of languages that have been successfully deciphered. The two most famous are probably Egyptian hieroglyphics and Linear B. While the first example we had additional texts (especially the Rosetta stone) that allowed us to connect it to an existing language, in the case of Linear B, there was no similar linking text. Linear B turned out to be a form of Greek, but this wasn't used at all in the decipherment until the very last stages when this had become very apparent (as I understand it, most of the researchers at the time thought that it was not a form of Greek). But there would probably be many words in Linear B that we would not be able to translate today if not for the fact that they have recognizable Greek cognates and counterparts.

But the case of Linear B is very different than the hypothetical case of "Klingon". Actual Klingon is very similar to a variety of human languages. It isn't obvious that a language belonging to a genuinely different species with absolutely no cultural or physical context would be decipherable in any useful way. Human languages generally share some basic aspects and it isn't obvious that those basics would be shared by a language from another species.

If one had more than just language one might be able to decipher things based on the connections to physical reality. So for example, one might be able to recognize a version of the periodic table even if it were arranged in a very different fashion (humans have made a large number of different forms, some three dimensional). And if the text contained material designed to assist in understanding then the situation might be easier even if the language is radically different from anything humans have encountered before. For examples it might have something like "1 . 2 ... 3 ... 4 .... 5 ....." up to some large number and then having something like "Primes 2.. 3... 5..... 7......." going out to some distance. Note here I've assumed that primes are a concept that another species would even find to be interesting enough to consider. But many simple sequences would be reasonable starters, such as squares or powers of 2. This doesn't address the situation you cared about which was addressing the cryptanalytic analog between language and the universe. Presumably the universe isn't trying to be deciphered. And the statement of your remark seems to imply that the message isn't intended to be deciphered.

You mention a direct historical example which suggests that cryptanalysis of unknown languages can be very tough. In World War II, the United States employed so called "code talkers" who used obscure, generally Native American languages, as secret codes. The use of Navajo in this fashion is the most famous although some other languages were used as well. In this case, even when the Japanese knew towards the end of the war what languages were being used they were unable to crack the codes. However, by the end of the war the codes were not just simple spoken Navajo but had (somewhat weak) cryptography added in and the combination seems to have been what really created the trouble. Note also that in this case the Japanese had a large amount of physical context for the messages since they knew that they were military messages and even knew which messages corresponded (very roughly) to which events.

So the bottom line is that there's evidence both ways, and it might depend a lot on how different an alien language would be from humans and whether or not the text is intended to be deciphered.

Seconded, I've wondered the same thing myself and voiced similar concerns here.

It has always perplexed me how WWII US cryptographers managed to get anything done, when the plaintext still looks like gibberish -- further complicated by a novel encoding betweeen a non-western script and EM signals.

My partial answer is this: you would not be able to accomplish anything unless you know something about the real-world referents of the code. So you'll have to do something like a known-plaintext attack. For example:

Send 3 planes to Island A, listen to enemy's chatter.
Send 5 planes to Island A, listen to enemy's chatter.
Send 3 planes to island B, listen ... .
Send 3 boats to island B, listen...

From the differences between the chatter at those times, you can figure out the symbols for island a, island B, plane, boat, 3, and 5.

(Incidentally, I remember you comparing foreign language learning to English lit in that everything's arbitrary and not model based. But it helps to think of learning a foreign language as cryptanalysis through a "known plaintext" attack and differential analysis. Given a bunch of phrases and their foreign translations, find the differences and infer how the language works.)

I'm embarrassed to admit this, but I didn't. I guess it could go with whatever intractable scientific problems currently require large computational brute-force approaches [1]: fluid dynamics (including combined free/forced convective heat transfer), protein folding, weather, electron wave functions, ... .

The general approach would be:

1) Base a cipher on the difficult aspect of some scientific problem.
2) Publish the cipher.
3) Wait until someone finds a shortcut to decrypting the cipher without the private key.
4) Simplest explanation that fits the data!

Remaining problem: It's not enough for a scientific problem to be difficult, it must have a trapdoor aspect to it: something that, for the entire problem class, makes it easy to solve if you know it. I'd have to think about how to get that to work for the one domain I'm most familiar with (fluid dynamics).

[1] I guess they're not technically brute force, because they don't try a bunch of solutions in parallel, but you have to do a lot of grind to find the solution that fits all the constraints.

I was basically saying (tautologically) that we can break any cipher except for the ones where we can't. So if you use any of those broken ciphers, an attacker can infer the cipher, key, or plaintext, to the extent that it's possible.

My non-tautological inference, then, is that nature isn't able to intelligently design ciphers, and so her patterns should be much easier for a cryptographer to discern than those that exist in many human-designed ciphers. A good cipher destroys the patterns that would otherwise clue in the attacker on the key or plaintext, and nature should be a lot worse at this, and a lot more limited in her "cipher design". (For example, unlike with AES, she can't layer a cipher so that it first destroys linearity, then permutes the whole thing to resist differential analysis, etc.)

Furthermore, cryptographers warn against using a secret cipher you designed, and this is partly because you won't be able to find all the possible attacks on your own. In other words, for the average person, even if you intelligently design a cipher, an attacker can infer the cipher (by finding its patterns) and plaintext, even if they didn't know the cipher to begin with. Since nature's "designs" will be even less intelligent, they probably aren't resistant to the cryptanalytic methods used in the unknown-cipher case.

Also see my reply to Nancy where I argue that discoveries in astronomy followed the same pattern as frequency analysis.

I don't think this is true for ciphers that are anywhere near as complicated as the physical world is

Right -- I tried to make clear that my concern is only about those phenomena that are less complex that the most complex broken cipher. For unknown-physical-law cases (i.e. we don't even know the dynamics of the phenomenon), the comparison is to ciphers that can be broken even if you don't know which cipher or public key is being used; for unknown-constants cases (where we know the form of the equations), that also includes ciphers requiring knowledge of the cipher and public key to break.

For inferring models of limited complexity on limited numbers of variables in constrained form, however, there're some pretty good algorithms in Pearl's book Causality, based on conditional correlation and independence.

True, but there are broken ciphers that are resistant to a cryptanalytic version of this, which suggests that Pearl isn't covering all the ways to find regularity in data.