and this requires devices to exchange the shared private key, which is inherently risky.
There is some risk, sure. I don't see how this would be any more risky than a TLS exchange. Obviously the exchange can be implemented badly, but if done correctly it seems like it would work with certs and send the key encrypted.
I think the bigger risk is the key sitting at rest on multiple devices, some of which are easily lost (cell phones) and could then compromise an account.
poVoq@lemmy.ml 2 years ago
You seem to have a misunderstanding of what public and private keys are. Private keys should never leave the device they were created on, and yes, of course, having the same key on multiple devices is also a problem.