How can I pass data from a J2ME client to a server without fixing the key in advance?

I'm a J2ME programmer. Now my project is related to sending data to server by HTTP. Her开发者_运维问答e I encrypt the data in J2ME side using the Bouncy Castle library (Triple DES). I also maintain the server side coding.

Then on the server side the received data is decrypted and stored in database. Here I'm assuming the key is statically fixed in my code. On the server side and on the J2ME side I use the same key value.

But I have the requirement that the key is randomly generated, not known to user.

If I encrypt the data with some key in the J2ME part, then how can the server decrypt it without knowing the key? Or is there is any other mechanism I can use to solve this? Could asymmetric cryptography help me here?

The way asymmetric cryptography works is the following:

1. The server generates a pair of public/private keys
2. It sends the public key to the client
3. The client uses the public key to encrypt some secret message
4. The server uses the private key to decrypt the message.

Asymmetric algorithms are slower than symmetric encryption so they are often used only to exchange the secret password between the server and the client which will then be used to encrypt the messages using a symmetric algorithm.