> In a follow-up, it would be cool if you wrote about SRP authentication.
First time I hear of this. Looks interesting, but as PAKE goes I know B-SPEKE, AuCPACE, and OPAQUE better. I'm trying to determine which one I want right now, possibly even design my own, but I found those protocols are significantly harder to get right than authenticated key exchange. I also don't know them well enough to competently write about them just yet.
Sorry, I should have written PAKE (the general concept) and not SRP (one particular protocol that implements PAKE). If you are interested in my 2 cents, choose one that you understand and you can explain best. Feels most aligned with your goal of making crypto less magic.
First time I hear of this. Looks interesting, but as PAKE goes I know B-SPEKE, AuCPACE, and OPAQUE better. I'm trying to determine which one I want right now, possibly even design my own, but I found those protocols are significantly harder to get right than authenticated key exchange. I also don't know them well enough to competently write about them just yet.