The user wishes to communicate with a remote partner over an insecure network. Since the user is a human being, a terminal is needed for communication. Cryptographic algorithms running on the terminal may provide authenticity for the user's messages. In this paper the problem of sending authentic messages from insecure or untrusted terminals is analyzed. In this case attackers are able to gain total control over the terminal, so the user must consider the terminal a potential attacker. Smart cards are often considered the ultimate tool for secure messaging from untrusted terminals. However, their lack of user interface enables man-in-the middle attack from the terminal. The authors assume, that user is a human being with limited memory and computational power, and also makes mistakes in his calculations. They demnostrate, that only exceptional useres are able to authenticate messages without a trusted device. Several biometric media encapsulate the content of the message and the identity of the sender, such as speech, video and handwriting. The authors suggest, that such media is far more difficult to counterfeit than plaintext. Thus, the user must rely on his other resources, like biometric ones.
In the protocol proposed by the authors, the user sends messages in a biometric format, strengthened by simple algorithmic authenticators. The smart card functions as a secure time gate ensuring, that the attacker has extremely little time to counterfeit both the biometric and the algorithmic protection on the message. The authors claim, that with the proper calibration of the biometric method and the time gate of the smart card, their protocol is strong enough for practical use.