You don't need a cert to do crypto. You can could use some random string
of
bytes as the key to RijndaelManaged for example. However, both sides need
the same key and IV - that is where things can get interesting. You can
arrange the same key and figure out way to keep them secure and hidden.
You
could also use some key agreement protocol to negotiate a key between two
parties. Things like Diffie-hellman, SRP, PKI can help in that regard.
But
you don't "need" a cert or an RSA key-pair to do symmetric crypto like
Rijndael.
True. But symmetric keys are weak. Time for a crypto rant.
Security is a matter of degree. All crypto can be broken. It's a question of
how LONG it will stand up to competent assault. If the answer (for the key
in use) is within three standard deviations of "as long as it matters" then
you can regard the situation as secure. For example, for combat crypto under
fire, the value of message text is typically limited to a couple of hours,
and the people listening generally don't have computers with them. In this
scenario you would use a cheap and nasty substitution cyper.
For messages like the next month's intinerary for your nuclear submarine,
the message must remain private for at least a couple of months. (And
remember that in this context the people trying to read your messages have
wonderful toys and people who are paid to spend all month breaking your
cypher with big hardware.)
For bank transactions, where the value of the cypher has more to do with
non-repudation by both parties, the cypher is under less stress but must
last for years (and you have to factor Moore's principle into this). In this
scenario (contrast combat cyphers in a hotzone) time can be taken using a
slow cypher like twin-primes with a very large key pair.
One more caveat. Being speed freaks, programmers tend to do things like use
a double DWORD to store the key because the CPU can manipulate this much
faster than representations that aren't directly supported by hardware. The
consequence of this is that it puts key values into a predictable range. We
know that in this integer domain there is a fixed and very finite set of
primes, and we know that programmers have been taught not to use weak key
pairs (for the meaning of "weak key pairs" consult an encryption text).
We can precompute a of non-weak key pairs from the key domain, order it
descending by one side of the pairs, select only the range corresponding to
the public key (one keeps this list in a database) and thus enormously
reduce the search domain for a brute force attack. We can also generally
rely on programmers and users to think that big keys are good, so we do a
descending search from the top of the search domain, from where they are
most likely to have chosen. Even where the key range is not determined by
hardware, there is a tendency to pick a fixed key bit length, with similar
effect (though not so dire).
Theoretically strong it may be, but inappropriate use can make RSA more
fragile than people think.
