diff --git a/src/ecmult_gen_impl.h b/src/ecmult_gen_impl.h
index 35f2546077..4ab9c391a7 100644
--- a/src/ecmult_gen_impl.h
+++ b/src/ecmult_gen_impl.h
@@ -150,7 +150,7 @@ static void secp256k1_ecmult_gen(const secp256k1_ecmult_gen_context *ctx, secp25
         secp256k1_ge_from_storage(&add, &adds);
         secp256k1_gej_add_ge(r, r, &add);
     }
-    bits = 0;
+    secp256k1_int_clear(&bits);
     secp256k1_ge_clear(&add);
     secp256k1_scalar_clear(&gnb);
 }
diff --git a/src/group_impl.h b/src/group_impl.h
index 7d723532ff..a4d3ddf257 100644
--- a/src/group_impl.h
+++ b/src/group_impl.h
@@ -7,6 +7,7 @@
 #ifndef _SECP256K1_GROUP_IMPL_H_
 #define _SECP256K1_GROUP_IMPL_H_
 
+#include <string.h>
 #include "num.h"
 #include "field.h"
 #include "group.h"
@@ -213,6 +214,19 @@ static void secp256k1_ge_clear(secp256k1_ge *r) {
     secp256k1_fe_clear(&r->y);
 }
 
+typedef void *(*memset_t)(void *, int, size_t);
+
+static volatile memset_t secure_memset = memset;
+
+static void secp256k1_secure_clear(void *s, size_t n) {
+    (void) secure_memset(s, 0, n);
+
+}
+
+static void secp256k1_int_clear(int *r) {
+    secp256k1_secure_clear(r, sizeof(*r));
+}
+
 static int secp256k1_ge_set_xquad(secp256k1_ge *r, const secp256k1_fe *x) {
     secp256k1_fe x2, x3, c;
     r->x = *x;