I am looking for a way to encrypt messages between client and server using the WCF. WCF offers a lot of built in security mechanisms to enrcypt traffic between client and server, but there seems to be nothing fitting my requirements.

I don’t want to use certificates since they are too complicated, so don’t suggest me to to use certificates please. I don’t need confidentiality, so I though I’ll go best using plain RSA.

I want real security, no hardcoded key or something. I was thinking about having a public/private keypair generated every time the server starts. Both keys will only be stored in RAM.
Then wen a client connects it should do exactly like SSL. Just as described here.

1.exchange some form of a private/public key pair; the server generates a key pair and keeps the private key to itself and shares the public key with the client (e.g. over a WCF message, for instance)

2.using that private/public key pair, exchange a common shared secret, e.g. an "encryption key" that will symmetrically encrypt your messages (and since it’s symmetrical, the server can use the same key to decrypt the messages)

3.setup infrastructure on your client (e.g. a WCF extension called a behavior) to inspect the message before it goes out and encrypt it with your shared secret

That would be secure, wouldn’t it?

Is there any existing solution to archive what I described? If not I’ll create it on my own. Where do I start best? Which kind of WCF custom behaviour is the best to implement?

EDIT:
As this is NOT secure, I’ll take the following approach:

When Installing the server component a new X509 certificate will be generated and automatially added to the cert store (of the server). The public part of this generated certificate will be dynamically included into the client setup. When running the client setup on the client machine the certificate will be installed into the trustet windows certificate store of the client.

So there’s no extra work when installing the product and everything should be secure, just as we want it.