I'm creating an Android application, that at first needed to be able to transmit data to the server securely. So I thought of RSA.
I would send the public key to the user, let him do what he must, then receive back and decrypt via private. That is all fine.
But now it seems, that there should also be some sort of encryption to the other side. Meaning, there should be means of encrypting a message and sending it to the user, and allow only the specific user be able to read it.
This smells like having 2 pairs of keys, and sending public key from one pair and private key from the other to the user, and keeping the rest to the server.
I have looked at symmetric keys, but they somehow seem less secure to me.
Am I missing something, or is this common? I'm somewhat new to the whole cryptography scene.