Password Authentication
I've given up on trying to write my own authentication protocol. It's a lot harder than it looks, and trying to protect against simple things, like grandmaster attacks, screws up the protocols even more.
I think I've found something interesting. A guy at Stanford came up with a protocol called SRP, which is also enshrined as RFC 2945. It looks like the kind of thing we're looking for, so now I'm going to have to stare it down and try to understand it.