Both players must contribute to the secret and a confounding factor is required to exchange the contributions without revealing them.

**Commanding OpenSSL to do the hard work**

First your secret contribution:

Code: Select all

`openssl genpkey -algorithm X25519 -out contribution`

Now the confounded version for sharing:

Code: Select all

`openssl pkey -in contribution -pubout -out confounded`

Code: Select all

```
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VuAyEAIA2nOyv2LtvlcLqEHQz6owx9dBQ7Ie74U+B7qmXnqEk=
-----END PUBLIC KEY-----
```

When 2 players have pasted their confounded contributions, they can compute their common secret:

Code: Select all

```
openssl pkeyutl -derive -inkey contribution -peerkey another_confounded -out common_secret
```