diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java
index 0bb7645..ca5c726 100644
--- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java
+++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCiphersuite.java
@@ -87,13 +87,12 @@ void encode(ByteBuf out) {
 /*
 * See https://ietf-wg-ohai.github.io/oblivious-http/draft-ietf-ohai-ohttp.html#section-4.3
 */
- byte[] createInfo(OHttpCryptoConfiguration configuration) {
- byte[] exportContext = configuration.requestExportContext();
- byte[] ret = new byte[exportContext.length + 8];
+ byte[] createInfo(byte[] requestExportContext) {
+ byte[] ret = new byte[requestExportContext.length + 8];
 ByteBuf buf = Unpooled.wrappedBuffer(ret);
 try {
 buf.writerIndex(0)
- .writeBytes(exportContext)
+ .writeBytes(requestExportContext)
 .writeByte(0);
 encode(buf);
 return ret;
diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java
index e801d29..a8090b1 100644
--- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java
+++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoReceiver.java
@@ -19,7 +19,6 @@
 import io.netty.incubator.codec.hpke.CryptoDecryptContext;
 import io.netty.incubator.codec.hpke.CryptoEncryptContext;
 import io.netty.buffer.ByteBuf;
-import io.netty.handler.codec.DecoderException;
 import io.netty.incubator.codec.hpke.HPKEMode;
 import io.netty.incubator.codec.hpke.HPKERecipientContext;
 import io.netty.incubator.codec.hpke.OHttpCryptoProvider;
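Review bot: In the `OHttpCiphersuite.createInfo` hunk, the method now accepts any `byte[]`, and the comment above it does not say which bytes are expected or why the buffer is sized `requestExportContext.length + 8`. With the typed `OHttpCryptoConfiguration` parameter gone, passing the response export context would compile and only show up later as an HPKE setup mismatch, so the contract belongs in the comment. I would extend it with something like `// info = request label || 0x00 || header written by encode(); 8 = 1 separator byte + 7 header bytes` (the 7-byte header length is inferred from the expected hex in the OHttpCryptoTest hunk, so confirm it against `encode`). The method body continues past the end of the hunk.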
@@ -38,7 +37,7 @@ public final class OHttpCryptoReceiver extends OHttpCrypto {
 public final static class Builder {
 private OHttpCryptoProvider provider;
 private OHttpCryptoConfiguration configuration;
- private OHttpServerKeys serverKeys;
+ private AsymmetricCipherKeyPair privateKey;
 private OHttpCiphersuite ciphersuite;
 private byte[] encapsulatedKey;
 private byte[] forcedResponseNonce; // for testing only!
@@ -53,8 +52,8 @@ public Builder setConfiguration(OHttpCryptoConfiguration configuration) {
 return this;
 }
 
- public Builder setServerKeys(OHttpServerKeys value) {
- this.serverKeys = value;
+ public Builder setSenderPrivateKey(AsymmetricCipherKeyPair privateKey) {
+ this.privateKey = privateKey;
 return this;
 }
 
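Review bot: The new builder field `privateKey` and its setter `setSenderPrivateKey` (the second hunk on this class) name the wrong party and the wrong kind of object. The value is an `AsymmetricCipherKeyPair` that the constructor hands to `setupHPKEBaseR`, so it is the receiver's key pair, and `OHttpCryptoSender` already calls the matching public half `receiverPublicKey`. Something like `private AsymmetricCipherKeyPair receiverKeyPair;` with `public Builder setReceiverKeyPair(AsymmetricCipherKeyPair keyPair)` would read correctly at call sites and make it harder to wire in the wrong key. The Builder class starts and ends outside both hunks.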
@@ -93,21 +92,17 @@ public static Builder newBuilder() { private OHttpCryptoReceiver(Builder builder) { this.configuration = requireNonNull(builder.configuration, "configuration"); - OHttpServerKeys serverKeys = requireNonNull(builder.serverKeys, "serverKeys"); OHttpCiphersuite ciphersuite = requireNonNull(builder.ciphersuite, "ciphersuite"); byte[] encapsulatedKey = requireNonNull(builder.encapsulatedKey, "encapsulatedKey"); OHttpCryptoProvider provider = requireNonNull(builder.provider, "provider"); - AsymmetricCipherKeyPair keyPair = serverKeys.getKeyPair(ciphersuite); - if (keyPair == null) { - throw new DecoderException("ciphersuite not supported"); - } + AsymmetricCipherKeyPair keyPair = requireNonNull(builder.privateKey, "privateKey"); if (builder.forcedResponseNonce == null) { this.responseNonce = ciphersuite.createResponseNonce(); } else { this.responseNonce = builder.forcedResponseNonce; } this.context = provider.setupHPKEBaseR(HPKEMode.Base, ciphersuite.kem(), ciphersuite.kdf(), - ciphersuite.aead(), encapsulatedKey, keyPair, ciphersuite.createInfo(configuration)); + ciphersuite.aead(), encapsulatedKey, keyPair, ciphersuite.createInfo(configuration.requestExportContext())); try { this.aead = ciphersuite.createResponseAEAD(provider, context, encapsulatedKey, this.responseNonce, configuration.responseExportContext());
diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java
index 5fa02e4..039aa1a 100644
--- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java
+++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpCryptoSender.java
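Review bot: An unsupported ciphersuite now ends in a `NullPointerException` rather than a `DecoderException`, because the constructor replaces the removed `keyPair == null` check with `requireNonNull(builder.privateKey, "privateKey")`. The removed check shows that `getKeyPair` can return null, and the `OHttpServerCodec.decodePrefix` hunk passes `keys.getKeyPair(ciphersuite)` straight into the builder. The ciphersuite there appears to come from the request prefix, so unless `decodePrefix` validates it earlier (not visible in that hunk), a peer can likely trigger this path and bypass whatever handling exists for decoder errors. I would restore the check at the call site before building the receiver: `AsymmetricCipherKeyPair keyPair = keys.getKeyPair(ciphersuite);` then `if (keyPair == null) { throw new DecoderException("ciphersuite not supported"); }`. The constructor body continues past the end of this hunk.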
@@ -94,7 +94,7 @@ private OHttpCryptoSender(Builder builder) {
 AsymmetricKeyParameter pkR = requireNonNull(builder.receiverPublicKey, "receiverPublicKey");
 AsymmetricCipherKeyPair forcedEphemeralKeyPair = builder.forcedEphemeralKeyPair;
 this.context = this.provider.setupHPKEBaseS(HPKEMode.Base, ciphersuite.kem(),
- ciphersuite.kdf(), ciphersuite.aead(), pkR, ciphersuite.createInfo(configuration),
+ ciphersuite.kdf(), ciphersuite.aead(), pkR, ciphersuite.createInfo(configuration.requestExportContext()),
 forcedEphemeralKeyPair);
 }
 
diff --git a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java
index 1793bc5..1fe07d8 100644
--- a/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java
+++ b/codec-ohttp/src/main/java/io/netty/incubator/codec/ohttp/OHttpServerCodec.java
@@ -283,7 +283,7 @@ public boolean decodePrefix(ByteBuf in) {
 receiver = OHttpCryptoReceiver.newBuilder()
 .setOHttpCryptoProvider(provider)
 .setConfiguration(version())
- .setServerKeys(keys)
+ .setSenderPrivateKey(keys.getKeyPair(ciphersuite))
 .setCiphersuite(ciphersuite)
 .setEncapsulatedKey(encapsulatedKey)
 .build();
diff --git a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java
index f1ce761..cf98bfe 100644
--- a/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java
+++ b/codec-ohttp/src/test/java/io/netty/incubator/codec/ohttp/OHttpCryptoTest.java
@@ -117,7 +117,7 @@ public void testCryptoVectors(OHttpCryptoProvider senderProvider, OHttpCryptoPro AEAD.AES_GCM128); assertEquals("6d6573736167652f626874747020726571756573740001002000010001", - ByteBufUtil.hexDump(ciphersuite.createInfo(OHttpVersionDraft.INSTANCE))); + ByteBufUtil.hexDump(ciphersuite.createInfo(OHttpVersionDraft.INSTANCE.requestExportContext()))); AsymmetricKeyParameter receiverPublicKey = senderProvider.deserializePublicKey(KEM.X25519_SHA256, kpR.publicParameters().encoded());
@@ -157,7 +157,7 @@ public void testCryptoVectors(OHttpCryptoProvider senderProvider, OHttpCryptoPro
 try (OHttpCryptoReceiver receiver = OHttpCryptoReceiver.newBuilder()
 .setOHttpCryptoProvider(receiverProvider)
 .setConfiguration(OHttpVersionDraft.INSTANCE)
- .setServerKeys(serverKeys)
+ .setSenderPrivateKey(serverKeys.getKeyPair(ciphersuite))
 .setCiphersuite(receiverCiphersuite)
 .setEncapsulatedKey(receiverEncapsulatedKey)
 .setForcedResponseNonce(ByteBufUtil.decodeHexDump("c789e7151fcba46158ca84b04464910d"))
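Review bot: In the second test hunk the key pair is looked up with `ciphersuite`, while the receiver is configured with `.setCiphersuite(receiverCiphersuite)`. Before this change the receiver resolved the key from the ciphersuite it was given, so the test exercised the lookup with the receiver-side value; now a mismatch between the two objects would go unnoticed. I would write `.setSenderPrivateKey(serverKeys.getKeyPair(receiverCiphersuite))` to keep that coverage. The enclosing try-with-resources statement continues outside the hunk.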