diff --git a/Cargo.lock b/Cargo.lock
index 40ba96e..7762af5 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -19,7 +19,7 @@ checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8"
 dependencies = [
  "cfg-if 1.0.0",
  "cipher",
- "cpufeatures 0.2.1",
+ "cpufeatures",
  "opaque-debug",
 ]
 
@@ -152,21 +152,21 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 
 [[package]]
 name = "chacha20"
-version = "0.7.1"
+version = "0.8.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fee7ad89dc1128635074c268ee661f90c3f7e83d9fd12910608c36b47d6c3412"
+checksum = "01b72a433d0cf2aef113ba70f62634c56fddb0f244e6377185c56a7cadbd8f91"
 dependencies = [
  "cfg-if 1.0.0",
  "cipher",
- "cpufeatures 0.1.5",
+ "cpufeatures",
  "zeroize",
 ]
 
 [[package]]
 name = "chacha20poly1305"
-version = "0.8.0"
+version = "0.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1580317203210c517b6d44794abfbe600698276db18127e37ad3e69bf5e848e5"
+checksum = "3b84ed6d1d5f7aa9bdde921a5090e0ca4d934d250ea3b402a5fab3a994e28a2a"
 dependencies = [
  "aead",
  "chacha20",
@@ -186,9 +186,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "3.0.0-beta.5"
+version = "3.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "feff3878564edb93745d58cf63e17b63f24142506e7a20c87a5521ed7bfb1d63"
+checksum = "d17bf219fcd37199b9a29e00ba65dfb8cd5b2688b7297ec14ff829c40ac50ca9"
 dependencies = [
  "atty",
  "bitflags",
@@ -199,14 +199,13 @@ dependencies = [
  "strsim",
  "termcolor",
  "textwrap",
- "unicase",
 ]
 
 [[package]]
 name = "clap_derive"
-version = "3.0.0-beta.5"
+version = "3.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8b15c6b4f786ffb6192ffe65a36855bc1fc2444bcd0945ae16748dcd6ed7d0d3"
+checksum = "e1b9752c030a14235a0bd5ef3ad60a1dcac8468c30921327fc8af36b20c790b9"
 dependencies = [
  "heck",
  "proc-macro-error",
@@ -215,15 +214,6 @@ dependencies = [
  "syn",
 ]
 
-[[package]]
-name = "cpufeatures"
-version = "0.1.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "66c99696f6c9dd7f35d486b9d04d7e6e202aa3e8c40d553f2fdf5e7e0c6a71ef"
-dependencies = [
- "libc",
-]
-
 [[package]]
 name = "cpufeatures"
 version = "0.2.1"
@@ -410,9 +400,9 @@ dependencies = [
 
 [[package]]
 name = "hpke"
-version = "0.7.1"
+version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2b27779b5c326e3afe887e806ab04ac34922a9a723ee3fae62170b3f7ad33380"
+checksum = "849e95e93b040915ae2ea8ae9cc0e73a0dc9804e557fa7959c1ba9dce20215a6"
 dependencies = [
  "aead",
  "aes-gcm",
@@ -421,6 +411,7 @@ dependencies = [
  "digest",
  "generic-array",
  "hkdf",
+ "paste",
  "rand_core 0.6.3",
  "serde",
  "sha2",
@@ -501,7 +492,6 @@ dependencies = [
  "assert_fs",
  "bincode",
  "clap",
- "generic-array",
  "hpke",
  "radix64",
  "rand",
@@ -529,20 +519,26 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
 
 [[package]]
 name = "os_str_bytes"
-version = "4.2.0"
+version = "6.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "addaa943333a514159c80c97ff4a93306530d965d27e139188283cd13e06a799"
+checksum = "8e22443d1643a904602595ba1cd8f7d896afe56d26712531c5ff73a15b2fbf64"
 dependencies = [
  "memchr",
 ]
 
+[[package]]
+name = "paste"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0744126afe1a6dd7f394cb50a716dbe086cb06e255e53d8d0185d82828358fb5"
+
 [[package]]
 name = "poly1305"
 version = "0.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "048aeb476be11a4b6ca432ca569e375810de9294ae78f4774e78ea98a9246ede"
 dependencies = [
- "cpufeatures 0.2.1",
+ "cpufeatures",
  "opaque-debug",
  "universal-hash",
 ]
@@ -554,7 +550,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8419d2b623c7c0896ff2d5d96e2cb4ede590fed28fcc34934f4c33c036e620a1"
 dependencies = [
  "cfg-if 1.0.0",
- "cpufeatures 0.2.1",
+ "cpufeatures",
  "opaque-debug",
  "universal-hash",
 ]
@@ -785,7 +781,7 @@ checksum = "b69f9a4c9740d74c5baa3fd2e547f9525fa8088a8a958e0ca2409a514e33f5fa"
 dependencies = [
  "block-buffer",
  "cfg-if 1.0.0",
- "cpufeatures 0.2.1",
+ "cpufeatures",
  "digest",
  "opaque-debug",
 ]
@@ -859,9 +855,6 @@ name = "textwrap"
 version = "0.14.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0066c8d12af8b5acd21e00547c3797fde4e8677254a7ee429176ccebbe93dd80"
-dependencies = [
- "unicode-width",
-]
 
 [[package]]
 name = "thread_local"
@@ -878,27 +871,12 @@ version = "1.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b63708a265f51345575b27fe43f9500ad611579e764c79edbc2037b1121959ec"
 
-[[package]]
-name = "unicase"
-version = "2.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6"
-dependencies = [
- "version_check",
-]
-
 [[package]]
 name = "unicode-segmentation"
 version = "1.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8895849a949e7845e06bd6dc1aa51731a103c42707010a5b591c0038fb73385b"
 
-[[package]]
-name = "unicode-width"
-version = "0.1.9"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973"
-
 [[package]]
 name = "unicode-xid"
 version = "0.2.2"
@@ -980,9 +958,9 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
 
 [[package]]
 name = "x25519-dalek"
-version = "1.1.1"
+version = "1.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5a0c105152107e3b96f6a00a65e86ce82d9b125230e1c4302940eca58ff71f4f"
+checksum = "2392b6b94a576b4e2bf3c5b2757d63f10ada8020a2e4d08ac849ebcf6ea8e077"
 dependencies = [
  "curve25519-dalek",
  "rand_core 0.5.1",
@@ -991,9 +969,9 @@ dependencies = [
 
 [[package]]
 name = "zeroize"
-version = "1.4.2"
+version = "1.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bf68b08513768deaa790264a7fac27a58cbf2705cfcdc9448362229217d7e970"
+checksum = "4756f7db3f7b5574938c3eb1c117038b8e07f95ee6718c0efad4ac21508f1efd"
 dependencies = [
  "zeroize_derive",
 ]
diff --git a/Cargo.toml b/Cargo.toml
index 8a73390..680cc89 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -6,12 +6,9 @@ description = "Tool to interact with the firewall matched data feature"
 edition = "2021"
 
 [dependencies]
-assert_cmd = "2.0.2"
-assert_fs = "1.0.6"
 bincode = "1.3.3"
-clap = "3.0.0-beta.5"
-generic-array = { version = "0.14.4", features = ["serde"] }
-hpke = { version = "0.7.1", default-features = false, features = [
+clap = { version = "3.0.0", features = ["derive"] }
+hpke = { version = "0.8.0", default-features = false, features = [
     "x25519",
     "serde_impls",
 ] }
@@ -20,5 +17,9 @@ rand = "0.8.4"
 serde = { version = "1.0.130", features = ["derive"] }
 serde_json = "1.0.68"
 
+[dev-dependencies]
+assert_cmd = "2.0.2"
+assert_fs = "1.0.6"
+
 [profile.release]
 lto = true
diff --git a/src/main.rs b/src/main.rs
index e336731..aa9cdce 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -4,13 +4,13 @@ mod matched_data;
 
 use crate::matched_data::generate_key_pair;
 use clap::{ArgEnum, Parser};
-use hpke::kex::Serializable;
+use hpke::Serializable;
 use serde::{Deserialize, Serialize};
 use std::io::{stdin, stdout, Write};
 use std::{fs, str};
 
 #[derive(Parser)]
-#[clap(author, version)]
+#[clap(about, author, version)]
 struct Options {
     #[clap(subcommand)]
     command: Command,
@@ -28,7 +28,7 @@ struct GenerateKeyPairOptions {
         short,
         long,
         value_name = "format",
-        about = "Output format of key pair",
+        help = "Output format of key pair",
         default_value = "json"
     )]
     output_format: KeyPairOutputFormat,
@@ -42,13 +42,13 @@ enum DecryptOutputFormat {
 
 #[derive(Parser)]
 struct DecryptOptions {
-    #[clap(about = "File containing the base64 encoded encrypted matched data")]
+    #[clap(help = "File containing the base64 encoded encrypted matched data")]
     matched_data_filename: String,
 
     #[clap(
         short = 'k',
         long,
-        about = "File containing the base64 encoded private key"
+        help = "File containing the base64 encoded private key"
     )]
     private_key_filename: String,
 
@@ -57,7 +57,7 @@ struct DecryptOptions {
         short,
         long,
         value_name = "format",
-        about = "Output format of matched data",
+        help = "Output format of matched data",
         default_value = "utf8-lossy"
     )]
     output_format: DecryptOutputFormat,
diff --git a/src/matched_data.rs b/src/matched_data.rs
index dda8051..a48aca1 100644
--- a/src/matched_data.rs
+++ b/src/matched_data.rs
@@ -3,8 +3,7 @@ use hpke::{
     aead::{AeadTag, ChaCha20Poly1305},
     kdf::HkdfSha256,
     kem::X25519HkdfSha256,
-    kex::{Deserializable, KeyExchange},
-    setup_receiver, EncappedKey, HpkeError, Kem as KemTrait, OpModeR,
+    setup_receiver, Deserializable, HpkeError, Kem as KemTrait, OpModeR,
 };
 use rand::{rngs::StdRng, SeedableRng};
 use serde::{Deserialize, Serialize};
@@ -12,35 +11,33 @@ use serde::{Deserialize, Serialize};
 type Kem = X25519HkdfSha256;
 type Aead = ChaCha20Poly1305;
 type Kdf = HkdfSha256;
-type Kex = <Kem as KemTrait>::Kex;
+
+type PrivateKey = <Kem as KemTrait>::PrivateKey;
+type PublicKey = <Kem as KemTrait>::PublicKey;
+type EncappedKey = <Kem as KemTrait>::EncappedKey;
 
 #[derive(Serialize, Deserialize)]
 pub struct EncryptedData {
-    encapped_key: EncappedKey<Kex>,
+    encapped_key: EncappedKey,
     ciphertext: Vec<u8>,
     tag: AeadTag<Aead>,
 }
 
 // Generates a public-private key pair
-pub fn generate_key_pair() -> (
-    <Kex as KeyExchange>::PrivateKey,
-    <Kex as KeyExchange>::PublicKey,
-) {
+pub fn generate_key_pair() -> (PrivateKey, PublicKey) {
     let mut csprng = StdRng::from_entropy();
     Kem::gen_keypair(&mut csprng)
 }
 
 // Constructs a PrivateKey from an array of bytes
-pub fn get_private_key_from_bytes(
-    private_key_bytes: &[u8],
-) -> Result<<Kex as KeyExchange>::PrivateKey, HpkeError> {
-    <Kex as KeyExchange>::PrivateKey::from_bytes(private_key_bytes)
+pub fn get_private_key_from_bytes(private_key_bytes: &[u8]) -> Result<PrivateKey, HpkeError> {
+    PrivateKey::from_bytes(private_key_bytes)
 }
 
 // Decrypts data with provided private key
 pub fn decrypt_data(
     encrypted_data: &EncryptedData,
-    private_key: &<Kex as KeyExchange>::PrivateKey,
+    private_key: &PrivateKey,
 ) -> Result<Vec<u8>, HpkeError> {
     // Decapsulate and derive the shared secret. Create a shared AEAD context.
     let mut aead_ctx = setup_receiver::<Aead, Kdf, Kem>(
@@ -52,7 +49,7 @@ pub fn decrypt_data(
 
     // Decrypt ciphertext in place
     let mut ciphertext_copy = encrypted_data.ciphertext.clone();
-    aead_ctx.open(&mut ciphertext_copy, &[], &encrypted_data.tag)?;
+    aead_ctx.open_in_place_detached(&mut ciphertext_copy, &[], &encrypted_data.tag)?;
 
     // Rename for clarity
     let plaintext = ciphertext_copy;