diff --git a/library/bignum_mod.c b/library/bignum_mod.c
index f2c11a582..60c073ac4 100644
--- a/library/bignum_mod.c
+++ b/library/bignum_mod.c
@@ -77,7 +77,14 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m )
 switch( m->int_rep )
 {
 case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
- mbedtls_free( m->rep.mont );
+ if (m->rep.mont.rr != NULL)
+ {
+ mbedtls_platform_zeroize( (mbedtls_mpi_uint *) m->rep.mont.rr,
+ m->limbs );
+ mbedtls_free( (mbedtls_mpi_uint *)m->rep.mont.rr );
+ m->rep.mont.rr = NULL;
+ }
+ m->rep.mont.mm = 0;
 break;
 case MBEDTLS_MPI_MOD_REP_OPT_RED:
 mbedtls_free( m->rep.ored );
@@ -93,6 +100,41 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m )
 m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID;
 }
 
+static int set_mont_const_square( const mbedtls_mpi_uint **X,
+ const mbedtls_mpi_uint *A,
+ size_t limbs )
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ mbedtls_mpi N;
+ mbedtls_mpi RR;
+ *X = NULL;
+
+ mbedtls_mpi_init( &N );
+ mbedtls_mpi_init( &RR );
+
+ if ( A == NULL || limbs == 0 || limbs >= ( MBEDTLS_MPI_MAX_LIMBS / 2 ) - 2 )
+ goto cleanup;
+
+ if ( mbedtls_mpi_grow( &N, limbs ) )
+ goto cleanup;
+
+ memcpy( N.p, A, sizeof(mbedtls_mpi_uint) * limbs );
+
+ ret = mbedtls_mpi_core_get_mont_r2_unsafe(&RR, &N);
+
+ if ( ret == 0 )
+ {
+ *X = RR.p;
+ RR.p = NULL;
+ }
+
+cleanup:
+ mbedtls_mpi_free(&N);
+ mbedtls_mpi_free(&RR);
+ ret = ( ret != 0 ) ? MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED : 0;
+ return( ret );
+}
+
 int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
 const mbedtls_mpi_uint *p,
 size_t p_limbs,
@@ -120,7 +162,8 @@ int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
 {
 case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
 m->int_rep = int_rep;
- m->rep.mont = NULL;
+ m->rep.mont.mm = mbedtls_mpi_core_montmul_init( m->p );
+ ret = set_mont_const_square( &m->rep.mont.rr, m->p, m->limbs );
 break;
 case MBEDTLS_MPI_MOD_REP_OPT_RED:
 m->int_rep = int_rep;
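Review bot: The zeroize call in mbedtls_mpi_mod_modulus_free passes `m->limbs` as the length, but mbedtls_platform_zeroize takes a byte count, so only `m->limbs` bytes of the rr buffer are wiped instead of the full `m->limbs * sizeof(mbedtls_mpi_uint)` (one eighth of it on a 64-bit build). The buffer is then handed back to the allocator with most of its contents intact, which defeats the point of zeroizing before free. Change the call to `mbedtls_platform_zeroize( (mbedtls_mpi_uint *) m->rep.mont.rr, m->limbs * sizeof(mbedtls_mpi_uint) );`. This relies on the buffer returned by set_mont_const_square holding exactly `m->limbs` limbs, which nothing in the hunk states; a one-line comment on the free path recording that invariant would make it visible.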
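Review bot: set_mont_const_square reports every failure as MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED, including its two early exits: the argument check (`A == NULL`, `limbs == 0`, the limb bound) and a failed `mbedtls_mpi_grow`, whose own return value is discarded because `ret` is never assigned on that path. Callers of mbedtls_mpi_mod_modulus_setup therefore cannot tell bad input or an allocation failure from a genuine internal inconsistency, and the final `ret = ( ret != 0 ) ? MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED : 0;` also erases whatever mbedtls_mpi_core_get_mont_r2_unsafe returned. I would set `ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;` before the first `goto cleanup`, write the second as `ret = mbedtls_mpi_grow( &N, limbs ); if( ret != 0 ) goto cleanup;`, and drop the remapping line so the underlying code propagates. A short header comment saying that on success `*X` is a heap buffer of `limbs` limbs whose ownership passes to the caller (released in mbedtls_mpi_mod_modulus_free) would also help, since the transfer via `RR.p = NULL` is easy to miss.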
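Review bot: The Montgomery case now computes `mm` with mbedtls_mpi_core_montmul_init( m->p ) and `rr` via set_mont_const_square without checking that the modulus is odd; -N^{-1} mod 2^{biL} does not exist for an even N, so an even `p` yields a meaningless `mm` and every later Montgomery operation on this modulus silently produces wrong results. Rejecting it up front with `if( ( m->p[0] & 1 ) == 0 ) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; break; }` before the two assignments would close that gap (this assumes the core's little-endian limb order, with `p[0]` the least significant limb, and that leaving the case with `ret` set reaches the function's error exit, which is outside the hunk). Note also that `mm` is assigned before set_mont_const_square can fail, so on a non-zero `ret` the struct holds a non-zero `mm` next to a NULL `rr`; that is only harmless if the exit path calls mbedtls_mpi_mod_modulus_free on error, which I cannot confirm from here. The enclosing switch and mbedtls_mpi_mod_modulus_setup continue outside the hunk.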
diff --git a/library/bignum_mod.h b/library/bignum_mod.h
index c25eb8742..3b3338c2d 100644
--- a/library/bignum_mod.h
+++ b/library/bignum_mod.h
@@ -53,7 +53,11 @@ typedef struct
 size_t limbs;
 } mbedtls_mpi_mod_residue;
 
-typedef void *mbedtls_mpi_mont_struct;
+typedef struct {
+ mbedtls_mpi_uint const *rr; /* The residue for 2^{2*n*biL} mod N */
+ mbedtls_mpi_uint mm; /* Montgomery const for -N^{-1} mod 2^{ciL} */
+} mbedtls_mpi_mont_struct;
+
 typedef void *mbedtls_mpi_opt_red_struct;
 
 typedef struct {
diff --git a/tests/suites/test_suite_bignum_mod.function b/tests/suites/test_suite_bignum_mod.function
index 9f7320965..ad89bdf3e 100644
--- a/tests/suites/test_suite_bignum_mod.function
+++ b/tests/suites/test_suite_bignum_mod.function
@@ -25,12 +25,28 @@ void mpi_mod_setup( int ext_rep, int int_rep, int iret )
 ret = mbedtls_mpi_mod_modulus_setup( &m, mp, MLIMBS, ext_rep, int_rep );
 TEST_EQUAL( ret, iret );
 
+ /* Only test if the constants have been set-up */
+ if ( ret == 0 && int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY )
+ {
+ /* Test that the consts have been calculated */
+ TEST_ASSERT( m.rep.mont.rr != NULL );
+ TEST_ASSERT( m.rep.mont.mm != 0 );
+
+ }
+
 /* Address sanitiser should catch if we try to free mp */
 mbedtls_mpi_mod_modulus_free( &m );
 
 /* Make sure that the modulus doesn't have reference to mp anymore */
 TEST_ASSERT( m.p != mp );
 
+ /* Only test if the constants have been set-up */
+ if ( ret == 0 && int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY )
+ {
+ /* Verify the data and pointers allocated have been properly wiped */
+ TEST_ASSERT( m.rep.mont.rr == NULL );
+ TEST_ASSERT( m.rep.mont.mm == 0 );
+ }
 exit:
 /* It should be safe to call an mbedtls free several times */
 mbedtls_mpi_mod_modulus_free( &m );
diff --git a/tests/suites/test_suite_bignum_mod_raw.function b/tests/suites/test_suite_bignum_mod_raw.function
index 88b891780..7c9d5dbe4 100644
--- a/tests/suites/test_suite_bignum_mod_raw.function
+++ b/tests/suites/test_suite_bignum_mod_raw.function
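Review bot: The new mbedtls_mpi_mont_struct does not say who owns `rr`, and the distinction matters because the modulus's `p` pointer is borrowed from the caller (the test in this commit checks that freeing the modulus must not free `mp`) whereas `rr` is heap memory allocated by mbedtls_mpi_mod_modulus_setup and released by mbedtls_mpi_mod_modulus_free. I would extend the field comment to `/* 2^{2*n*biL} mod N, n limbs; allocated by mbedtls_mpi_mod_modulus_setup(), owned and freed by mbedtls_mpi_mod_modulus_free() */`. The comment on `mm` writes the modulus as `2^{ciL}`, but ciL is the limb size in bytes while the constant is taken modulo one limb's worth of bits, so `2^{biL}` matches both the arithmetic and the notation used for `rr` on the line above. As a point of style, `mbedtls_mpi_uint const *rr` places the qualifier after the type whereas the rest of this module writes `const mbedtls_mpi_uint *` (see the setup signature in bignum_mod.c); the west-const form would keep the header consistent.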
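Review bot: Both added blocks in mpi_mod_setup only check that the constants are non-NULL and non-zero, which would also pass for a wrong `rr` or `mm`, so the test pins the allocation rather than the computation. Given the header's definition of `mm` as -N^{-1} mod 2^{biL}, the first block can verify it cheaply with `TEST_ASSERT( (mbedtls_mpi_uint)( m.rep.mont.mm * mp[0] ) == (mbedtls_mpi_uint) -1 );` (assuming `mp[0]` is the least significant limb), which holds for every odd modulus without a stored expected vector. The first block also leaves a stray blank line between the `mm != 0` assertion and its closing brace; drop it so the two blocks read alike. The enclosing test function continues outside the hunk.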
@@ -134,6 +134,7 @@ void mpi_mod_raw_cond_assign( data_t * input_X,
 ASSERT_ALLOC( Y, limbs );
 ASSERT_ALLOC( buff_m, limbs );
+ memset( buff_m, 0xFF, copy_bytes );
 TEST_ASSERT( mbedtls_mpi_mod_modulus_setup( &m, buff_m, copy_limbs, MBEDTLS_MPI_MOD_EXT_REP_BE,
@@ -214,6 +215,7 @@ void mpi_mod_raw_cond_swap( data_t * input_X,
 ASSERT_ALLOC( tmp_Y, limbs );
 ASSERT_ALLOC( buff_m, copy_limbs );
+ memset( buff_m, 0xFF, copy_bytes );
 TEST_ASSERT( mbedtls_mpi_mod_modulus_setup( &m, buff_m, copy_limbs, MBEDTLS_MPI_MOD_EXT_REP_BE,