TSS.NET RsaEncrypt producing different cipher text when using the same handle

Question

I am following the Authorisation program on TSS.MSR Github, and I am stuck probably with understanding TMP as a whole.

snippet from the repo:

static void AutomaticAuth(Tpm2 tpm)
        {

            TpmHandle primHandle = CreateRsaPrimaryKey(tpm);
            ...
            TpmHandle keyHandle = CreateSigningDecryptionKey(tpm, primHandle, out keyPublic);
            ...
            byte[] message = new byte[] { 1, 2, 3 };
            ...
            byte[] encrypted = tpm.RsaEncrypt(keyHandle, message, decScheme, null);
            Console.WriteLine("(1)Data after encryption " + BitConverter.ToString(encrypted));

            byte[] decrypted1 = tpm.RsaDecrypt(keyHandle, encrypted, decScheme, null);
            

            // Code added by me
            byte[] encrypted2 = tpm.RsaEncrypt(keyHandle, message, decScheme, null);
            Console.WriteLine("(2)Data after encryption " + BitConverter.ToString(encrypted2));

            byte[] decrypted3 = tpm.RsaDecrypt(keyHandle, encrypted, decScheme, null);
            ...

The code creates RSA primary key ( which should mean it doesn't have to be loaded - as opposed to TPM_Create() ) and then uses primHandle to create a child. With the same keyhandle then encrypting the same message. Yet the result cipherText is different in each case.

My goal is to create an application that will encrypt and decrypt messages even after the application is rerun. This should mean that I need to export the handle somewhere and, in the rerun, load it again.

I'm starting with simple stuff, but this has me stuck.

What am I missing here?