harke baj wrote:Actually, I am trying to write a simple client - server secret key exchange program.
Wow, this is a complex topic, and other as a learning experience, a really bad idea. A secret key is supposed to be kept secret. Exchanging them is a really bad idea in general.
What some good protocols do is generate a transmission key just for an exchange of data, and use RSA to encrypt the transmission key, Send that, and use the transmission key with a block cipher such as AES, to encipher the cleartext. Send the cipher text, and the other guy can use RSA to decrypt the transmission key. Then he can use the transmission key to read the message.
Sending long term secret keys is a really, really bad idea.