RSA, how to communicate backwards

Question

So, I am pretty new to encryption in general but I need it for my Client-Server application, I've chosen RSA for this task. For the encryption of the packet data I use the client's public key and send the ciphertext to the server, now the server decrypts it with his private key and can read the message. My actual problem is: How do I encrypt data on the server side and send it back to the client? I've heard about a "secret key" which is somehow created from the clients and servers keys but I didn't really get the process. Seen it here. Do I just create another pair of keys and send the private key to the client this time or is there another way?

Answer 1

You have to understand the difference between symmetric and asymmetric encryption. In case of RSA, there are public and private keys. A symmetric block cipher such as AES takes only one key which both communicating parties need to have.

So the simplest way of communicating back would be to

1. generate a random AES key (just random 16 bytes),
2. encrypt the client message with AES and the newly generated key [CT1],
3. encrypt the previously generated AES key with server's public RSA key [CT2] (up until now it's called Hybrid Encryption),
4. send CT1 and CT2 to the server,
5. the server decrypts CT2 with its private key to get the AES key,
6. the server decrypts CT1 with the recovered AES key,
7. in order to send a message back, the server can now encrypt the message with AES and the key which is known to both sides (no need for RSA anymore) [CT],
8. the client receives CT and decrypts with the known AES key.

This is of course only the most basic setup. In order to get Perfect Forward Secrecy, you need to use a Diffie-Hellman Key Exchange. AES encryption is also best done with an authenticated mode of operation such as GCM.

If you don't want to get a headache, use TLS.