

Diffie Hellman Parameter Validation Attacks Explained - tptacek
http://chargen.matasano.com/chargen/2007/9/25/adam-bozanich-did-not-uncover-an-nsa-ipsec-conspiracy-diffie.html

======
tptacek
I don't post my own stuff often, but I just rescued this old blog post from
our database dump, read it, and kind of liked it. It's short, tight, and is a
pretty good example of why it's hard to build good crypto (and why you
shouldn't use SRP as your authentication protocol).

~~~
thaumaturgy
_headdesk_

I really need to add matasano's posts to my regular reading. Every time I get
it in my head that I learned something new about security, I discover that I
really know nothing about it at all.

Assuming that I have a good reason for not just implementing SSL for account
authentication -- systems of distributed content, for example -- do you have a
recommendation for anything else?

EDIT: I don't necessarily mean implementations in JavaScript, which is silly
pretty much no matter what you do. These would be Objective-C or Java
implementations, and the authenticating bits are stored already in the
application, which is distributed through trusted sources.

