Does the symmetric key exchange through asymmetric encryption have to be done asymmetrically?

Question

To communicate over a public channel, it seems often that 2 parties first use some asymmetric-encryption way to exchange a symmetric key. And then use the symmetric key for subsequent communication. The details are:

1. Bob generates a public/private key pair.
2. Bob upload his public key to a key server.
3. Alice download Bob's public key from the key server.
4. Alice chooses a symmetric key, uses Bob's public key to encrypt the symmetric key, and sends it to Bob.
5. Bob decrypts Alice's symmetric key.
6. Bob and Alice communicate with the symmetric key.

In step 4, it seems only Alice can decide the symmetric key. And it must be Alice to send it to Bob. Because if Bob chose and sent the symmetric key to Alice, any eavesdropper can decrypt it.

Is this right?

Answer 1

In your very specific scenario this is true. Asymmetric encryption is used in a lot of cases primarily to secure a key transfer because it is really slow in comparision to symmetric encryption.

The problem with symmetric encryption on the other hand is that the key exchange cannot be protected in an automated way when only using symmetric encryption. In your case the only person with a assymetric keypair is bob so if one wanted to send a key in a secure way, the only recipient can be bob.

Answer 2

Short answer is yes.

In your scenario, Alice is the one who is initiating the communication using the other party's public key. In case bob wants to start the communication, he may use Alice's public key to share a chosen symmetric key.

For most cases, one of the parties would act as a client and the other as a server. Generally the client would use the server's public key to verify its authenticity and initiate communication. I suggest reading up on how SSL works to better understand how this workflow is used for practical purposes. SSL/TLS is the most commonly found application of this workflow.

Recommended reading:

How does SSL/TLS work?