diff --git a/core/java/src/net/i2p/crypto/ElGamalEngine.java b/core/java/src/net/i2p/crypto/ElGamalEngine.java
index 42c659d1cd2c17875f224f701623c6acd3fd41df..5480cc635c6338175901c56768e9c9059215ce9e 100644
--- a/core/java/src/net/i2p/crypto/ElGamalEngine.java
+++ b/core/java/src/net/i2p/crypto/ElGamalEngine.java
@@ -120,8 +120,10 @@ public final class ElGamalEngine {
         long start = _context.clock().now();
 
         byte d2[] = new byte[1+Hash.HASH_LENGTH+data.length];
-        // FIXME this isn't a random nonzero byte!
-        d2[0] = (byte)0xFF;
+        // random nonzero byte
+        do {
+            _context.random().nextBytes(d2, 0, 1);
+        } while (d2[0] == 0);
         _context.sha().calculateHash(data, 0, data.length, d2, 1);
         System.arraycopy(data, 0, d2, 1+Hash.HASH_LENGTH, data.length);