diff --git a/library/dhm.c b/library/dhm.c
index befa99850..e8055be71 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -150,25 +150,15 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
 }
 
 /*
- * Pick a random R in the range [2, M) for blinding or key generation.
+ * Pick a random R in the range [2, M-2] for blinding or key generation.
  */
 static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M,
                 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
 {
-    int ret, count;
+    int ret;
 
-    count = 0;
-    do
-    {
-        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( R, mbedtls_mpi_size( M ), f_rng, p_rng ) );
-
-        while( mbedtls_mpi_cmp_mpi( R, M ) >= 0 )
-            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( R, 1 ) );
-
-        if( count++ > 10 )
-            return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
-    }
-    while( dhm_check_range( R, M ) != 0 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_random( R, 3, M, f_rng, p_rng ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( R, R, 1 ) );
 
 cleanup:
     return( ret );
diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data
index fcfc5cf7a..773fe3b9c 100644
--- a/tests/suites/test_suite_dhm.data
+++ b/tests/suites/test_suite_dhm.data
@@ -74,7 +74,7 @@ Diffie-Hellman trivial subgroup #2
 dhm_do_dhm:10:"23":1:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
 
 Diffie-Hellman small modulus
-dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED
+dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 
 Diffie-Hellman zero modulus
 dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA