Our problem is simply stated: we need a way to store the user authentication information on the client in a trustworthy manner. If we allow ourselves one connection to the client, we can authenticate the credentials and save a copy of the authentication information in a way that prevents it from being easily changed by the console. This means wedon't  have to perform any moved the  crypto on part off of  the client and we  can begin to think about trusting the data that we have stored.