Re: How to pass keys between two programs when using AES Encryption
Thursday, June 10, 2004 07:51 AM
Congratulations -- you have just re-discovered the key distribution problem! unless you can get the key to both parties some other way, beforehand.
Diffie and Hellman (?) invented "public keys" (asymmetric public/private keypairs) to solve it.
First, you send the session (AES, symmetric secret) key, in a message encrypted to the receiver's public key.
The receiver decrypts it, by their private key.
And then, from that point on, you can both use the shared, AES session key, to encrypt everything.