diff --git a/Cargo.lock b/Cargo.lock
index ba3aa9b2..aa5654bb 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1517,6 +1517,7 @@ dependencies = [
 "ff-group-tests",
 "group",
 "rand_core 0.6.4",
+ "sha2 0.9.9",
 "subtle",
 "zeroize",
 ]
diff --git a/crypto/dalek-ff-group/Cargo.toml b/crypto/dalek-ff-group/Cargo.toml
index aea5f2a9..fa6a1395 100644
--- a/crypto/dalek-ff-group/Cargo.toml
+++ b/crypto/dalek-ff-group/Cargo.toml
@@ -23,6 +23,8 @@
 ff = "0.12"
 group = "0.12"
 crypto-bigint = "0.4"
+
+sha2 = "0.9"
 curve25519-dalek = "3.2"
 
 [dev-dependencies]
diff --git a/crypto/dalek-ff-group/src/lib.rs b/crypto/dalek-ff-group/src/lib.rs
index c60bbb5c..09e18c88 100644
--- a/crypto/dalek-ff-group/src/lib.rs
+++ b/crypto/dalek-ff-group/src/lib.rs
@@ -354,15 +354,12 @@ macro_rules! dalek_group {
 type Scalar = Scalar;
 fn random(mut rng: impl RngCore) -> Self {
 loop {
- let mut bytes = field::FieldElement::random(&mut rng).to_repr();
- bytes[31] |= u8::try_from(rng.next_u32() % 2).unwrap() << 7;
- let opt = Self::from_bytes(&bytes);
- if opt.is_some().into() {
- let opt = opt.unwrap();
- // Ban identity, per the trait specification
- if !bool::from(opt.is_identity()) {
- return opt;
 }
+ let mut bytes = [0; 64];
+ rng.fill_bytes(&mut bytes);
+ let point = $Point($DPoint::hash_from_bytes::(&bytes));
+ // Ban identity, per the trait specification
+ if !bool::from(point.is_identity()) {
+ return point;
 }
 }
 }
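Review bot: The sampler on the `let point = $Point($DPoint::hash_from_bytes::(&bytes))` line relies on a single hash-to-curve evaluation, and if this is curve25519-dalek's Elligator2-based `hash_from_bytes`, my recollection is that one map evaluation does not yield a uniform distribution over the group (the map reaches only part of the curve, and the cofactor multiplication does not even that out), whereas callers of `Group::random` generally assume a uniform element; please confirm this against the dalek documentation. If uniformity is required, `let point = Self::generator() * Scalar::random(&mut rng);` gives it directly and keeps the identity rejection below meaningful for the zero scalar; if the hash-based sampler is intentional, a comment stating which distribution it provides and why that is acceptable would help the next reader. The turbofish on that line appears to have lost its digest type argument in this rendering, presumably the sha2 digest the commit adds as a dependency, so the actual source should be checked rather than this page. The enclosing `impl` and the `dalek_group!` macro start outside the hunk.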