So far, my understanding of a password transfer using a public key algorithm is as follows:
- AJAX call to PHP page retrieves generated public key
- Password is encrypted using the public key
- AJAX call to PHP page transmits the encrypted string
- PHP page decrypts the string with the private key
First off, my understanding may be wrong; please correct me if it is. Assuming it isn’t, there is a slight problem nonetheless: the private key must be generated in step 1, but it is only used in step 4. My question is: how can I get the PHP page to “remember” the private key that it generated in the first call, to be used in the second?
Using sessions.
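
A sketch of the session approach, as an added example that is not part of the original question or answer. The `action` values `key` and `submit`, the session entry `login_private_key` and the POST field `ciphertext` are hypothetical names chosen for illustration.

```php
<?php
// Added example: one endpoint serving both AJAX calls.
//   ?action=key     generate a key pair, keep the private key in the session,
//                   return only the public key
//   ?action=submit  decrypt the POSTed ciphertext with the key from the session
session_start();
header('Content-Type: application/json');

$action = $_GET['action'] ?? '';

if ($action === 'key') {
    $pair = openssl_pkey_new([
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
        'private_key_bits' => 2048,
    ]);
    if ($pair === false || !openssl_pkey_export($pair, $privatePem)) {
        http_response_code(500);
        exit(json_encode(['error' => 'key generation failed']));
    }
    // The private key stays in server-side session storage; the browser only
    // receives the session cookie and the public key.
    $_SESSION['login_private_key'] = $privatePem;
    $details = openssl_pkey_get_details($pair);
    exit(json_encode(['publicKey' => $details['key']]));
}

if ($action === 'submit') {
    $privatePem = $_SESSION['login_private_key'] ?? null;
    unset($_SESSION['login_private_key']); // one key per attempt, never reused
    $ciphertext = base64_decode($_POST['ciphertext'] ?? '', true);
    if ($privatePem === null || $ciphertext === false || $ciphertext === '') {
        http_response_code(400);
        exit(json_encode(['error' => 'no key in session or malformed input']));
    }
    // The client must encrypt with RSA-OAEP (SHA-1, the default here).
    if (!openssl_private_decrypt($ciphertext, $password, $privatePem,
                                 OPENSSL_PKCS1_OAEP_PADDING)) {
        http_response_code(400);
        exit(json_encode(['error' => 'decryption failed']));
    }
    // $password now holds the plaintext; check it with password_verify().
    exit(json_encode(['ok' => true]));
}

http_response_code(404);
echo json_encode(['error' => 'unknown action']);
```

The session only solves the problem of remembering the key between the two calls. Anyone able to modify the first response can substitute their own public key, so the exchange still has to run over HTTPS.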