diff --git a/Crypto/ECC.hs b/Crypto/ECC.hs
index bccd946..e2897da 100644
--- a/Crypto/ECC.hs
+++ b/Crypto/ECC.hs
@@ -108,11 +108,7 @@ instance EllipticCurveArith Curve_P256R1 where
 pointSmul _ s p = P256.pointMul s p
 instance EllipticCurveDH Curve_P256R1 where
- ecdh proxy s p = shared
- where
- (x, _) = P256.pointToIntegers $ pointSmul proxy s p
- len = 32 -- (256 + 7) `div` 8
- shared = SharedSecret $ i2ospOf_ len x
+ ecdh _ s p = SharedSecret $ P256.pointDh s p
 data Curve_P384R1 = Curve_P384R1
diff --git a/Crypto/PubKey/ECC/P256.hs b/Crypto/PubKey/ECC/P256.hs
index f8fa113..99ecbcc 100644
--- a/Crypto/PubKey/ECC/P256.hs
+++ b/Crypto/PubKey/ECC/P256.hs
@@ -18,6 +18,7 @@ module Crypto.PubKey.ECC.P256
 , pointBase
 , pointAdd
 , pointMul
+ , pointDh
 , pointsMulVarTime
 , pointIsValid
 , toPoint
@@ -48,7 +49,7 @@ import Crypto.Internal.Compat
 import Crypto.Internal.Imports
 import Crypto.Internal.ByteArray
 import qualified Crypto.Internal.ByteArray as B
-import Data.Memory.PtrMethods (memSet)
+import Data.Memory.PtrMethods (memSet, memCopy)
 import Crypto.Error
 import Crypto.Random
 import Crypto.Number.Serialize.Internal (os2ip, i2ospOf)
@@ -112,6 +113,14 @@ pointMul scalar p = withNewPoint $ \dx dy ->
 withScalar scalar $ \n -> withPoint p $ \px py -> withScalarZero $ \nzero ->
 ccryptonite_p256_points_mul_vartime nzero n px py dx dy
+-- | Similar to 'pointMul', serializing the x coordinate as binary
+pointDh :: ByteArray binary => Scalar -> Point -> binary
+pointDh scalar p =
+ B.unsafeCreate scalarSize $ \dst -> withTempPoint $ \dx dy -> do
+ withScalar scalar $ \n -> withPoint p $ \px py -> withScalarZero $ \nzero ->
+ ccryptonite_p256_points_mul_vartime nzero n px py dx dy
+ memCopy dst (castPtr dx) scalarSize
+
 -- | multiply the point @p with @n2 and add a lifted to curve value @n1
 --
 -- > n1 * G + n2 * p
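Review bot: The new `ecdh` body drops the `i2ospOf_ len x` step, which produced the 32-byte big-endian octet string of the x coordinate, and wraps whatever `P256.pointDh` hands back; as far as this diff shows, `pointDh` copies the C library's in-memory x buffer byte-for-byte with `memCopy`, which is only equivalent if that buffer already holds the big-endian encoding. If the library keeps coordinates in its own limb layout — and the `os2ip`/`i2ospOf` imports plus the `withScalar`/`withPoint` loaders suggest conversions presumably happen on the way in — the shared secret changes silently and stops interoperating with peers and with the KDFs layered on top of it. A test asserting that `ecdh` for a fixed key pair still equals the old `pointToIntegers` followed by `i2ospOf_ 32` result would pin this down, and if the bindings expose a serializer (the counterpart of whatever `withPoint` uses to load a point), `pointDh` should call it instead of `memCopy`. The `EllipticCurveDH Curve_P256R1` instance is shown in full in this hunk.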
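Review bot: `pointDh` is introduced specifically for Diffie-Hellman, yet it routes the scalar — the private key in the `ecdh` caller — through `ccryptonite_p256_points_mul_vartime`, whose name indicates a variable-time scalar multiplication, while the haddock only says it is similar to `pointMul`. This is not a regression (the `pointMul` context lines call the same primitive), but a DH helper deserves the caveat in its docs, e.g. `-- | Similar to 'pointMul', serializing the x coordinate as binary.` followed by `-- Note: uses the variable-time multiply, so the scalar's value may be observable through timing.` The result is also unchecked: when `s * p` is the identity (zero scalar, or an identity/invalid peer point) the 32 bytes `memCopy` returns are simply whatever the library left in `dx`, so a caller cannot distinguish a degenerate secret from a real one; returning `CryptoFailable`/`Maybe` from `pointDh` (or checking in `ecdh`) would close that, and `Crypto.Error` is already imported by this file. `pointDh` is shown in full here; the hunk's opening context lines belong to `pointMul`.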
@@ -282,6 +291,9 @@ withNewScalarFreeze :: (Ptr P256Scalar -> IO ()) -> Scalar
 withNewScalarFreeze f = Scalar $ B.allocAndFreeze scalarSize f
 {-# NOINLINE withNewScalarFreeze #-}
+withTempPoint :: (Ptr P256X -> Ptr P256Y -> IO a) -> IO a
+withTempPoint f = allocTempScrubbed scalarSize (\p -> let px = castPtr p in f px (pxToPy px))
+
 withTempScalar :: (Ptr P256Scalar -> IO a) -> IO a
 withTempScalar f = allocTempScrubbed scalarSize (f . castPtr)
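Review bot: `withTempPoint` allocates only `scalarSize` bytes but hands out two pointers, `px` and `pxToPy px`, for the X and Y halves of a point; unless `pxToPy` aliases rather than offsets (its name suggests an offset to the Y coordinate), the Y pointer lies past the end of the scrubbed buffer and `ccryptonite_p256_points_mul_vartime` in `pointDh` writes the result's Y coordinate out of bounds. `withTempScalar` right below allocates `scalarSize` for a single scalar, which looks like the copy-paste origin. The buffer should be sized for a whole point — whatever `withNewPoint` allocates — e.g. `withTempPoint f = allocTempScrubbed pointSize (\p -> let px = castPtr p in f px (pxToPy px))` if such a constant exists, or `(2 * scalarSize)` if X and Y are each `scalarSize` wide. A heap overwrite here is silent from Haskell and would surface only as memory corruption or wrong secrets, so running the `pointDh` test under a memory checker would be worthwhile.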