diff --git a/Crypto/PubKey/Curve25519.hs b/Crypto/PubKey/Curve25519.hs
index d8463eb..e3416c8 100644
--- a/Crypto/PubKey/Curve25519.hs
+++ b/Crypto/PubKey/Curve25519.hs
@@ -92,7 +92,10 @@ dhSecret bs
     | B.length bs == 32 = CryptoPassed $ DhSecret $ B.copyAndFreeze bs (\_ -> return ())
     | otherwise         = CryptoFailed CryptoError_SharedSecretSizeInvalid
 
--- | Compute the Diffie Hellman secret from a public key and a secret key
+-- | Compute the Diffie Hellman secret from a public key and a secret key.
+--
+-- This implementation may return an all-zero value as it does not check for
+-- the condition.
 dh :: PublicKey -> SecretKey -> DhSecret
 dh (PublicKey pub) (SecretKey sec) = DhSecret <$>
     B.allocAndFreeze 32        $ \result ->
diff --git a/Crypto/PubKey/Curve448.hs b/Crypto/PubKey/Curve448.hs
index 68e1256..95feaf3 100644
--- a/Crypto/PubKey/Curve448.hs
+++ b/Crypto/PubKey/Curve448.hs
@@ -79,7 +79,10 @@ dhSecret bs
     | B.length bs == x448_bytes = CryptoPassed $ DhSecret $ B.copyAndFreeze bs (\_ -> return ())
     | otherwise                 = CryptoFailed CryptoError_SharedSecretSizeInvalid
 
--- | Compute the Diffie Hellman secret from a public key and a secret key
+-- | Compute the Diffie Hellman secret from a public key and a secret key.
+--
+-- This implementation may return an all-zero value as it does not check for
+-- the condition.
 dh :: PublicKey -> SecretKey -> DhSecret
 dh (PublicKey pub) (SecretKey sec) = DhSecret <$>
     B.allocAndFreeze x448_bytes $ \result ->