diff --git a/fe.go b/fe.go
index 6d94733..bd94255 100644
--- a/fe.go
+++ b/fe.go
@@ -109,21 +109,3 @@ func fieldElementFromDecimal(s string) *radix51.FieldElement {
 	}
 	return new(radix51.FieldElement).FromBig(n)
 }
-
-// The order of the field, 2^255 - 19, in 51-bit little endian form.
-var fieldOrder = [5]uint64{0x7ffffffffffed, 0x7ffffffffffff, 0x7ffffffffffff, 0x7ffffffffffff, 0x7ffffffffffff}
-
-// feMinimal returns true if the given field element is less than the order of the field.
-func feMinimal(fe *radix51.FieldElement) bool {
-	for i := 4; ; i-- {
-		v := fe[i]
-		if v > fieldOrder[i] {
-			return false
-		} else if v < fieldOrder[i] {
-			break
-		} else if i == 0 {
-			return false
-		}
-	}
-	return true
-}
diff --git a/ristretto255.go b/ristretto255.go
index 03ac4b0..c5c1827 100644
--- a/ristretto255.go
+++ b/ristretto255.go
@@ -8,6 +8,7 @@ package ristretto255
 import (
+	"bytes"
 	"errors"
 	"github.com/gtank/ristretto255/internal/edwards25519"
@@ -191,8 +192,8 @@ func (ee *Element) Encode() []byte {
 	return s.Bytes(nil)
 }
-// Decode decodes the canonical bytestring encoding of an element into a Ristretto element.
-// Returns nil on success.
+// Decode decodes the canonical bytestring encoding of an element into a
+// Ristretto element.
 func (e *Element) Decode(in []byte) error {
 	if len(in) != 32 {
 		return errInvalidEncoding
@@ -203,8 +204,13 @@ func (e *Element) Decode(in []byte) error {
 	s.FromBytes(in)
 	// If the resulting value is >= p, decoding fails.
+	var buf [32]byte
+	if !bytes.Equal(s.Bytes(buf[:0]), in) {
+		return errInvalidEncoding
+	}
+
 	// If IS_NEGATIVE(s) returns TRUE, decoding fails.
-	if !feMinimal(s) || s.IsNegative() == 1 {
+	if s.IsNegative() == 1 {
 		return errInvalidEncoding
 	}
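Review bot: The rewritten doc comment for Decode drops the only statement about its result and says nothing about when it fails, so a caller has to read the body to learn that a wrong length or a non-canonical encoding is rejected. Suggest `// Decode decodes the canonical bytestring encoding of an element into a` / `// Ristretto element. It returns an error if in is not exactly 32 bytes or` / `// is not a valid canonical encoding.` The length check is visible in this hunk; the canonical-encoding rejection is inferred from the error returns later in the same function, whose body continues past the end of the hunk.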
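Review bot: The new canonicality check is correct only because `s.Bytes` is assumed to emit the unique fully reduced encoding of the field element, which is what makes re-encode-and-compare equivalent to the removed `feMinimal` test; that assumption is not stated, and the comment above the check still reads as if a direct comparison with p were being made. Suggest replacing that comment with `// If the resulting value is >= p, decoding fails. Bytes() returns the fully` / `// reduced canonical encoding, so any mismatch with in means in was not canonical` / `// (including, if FromBytes masks bit 255, inputs with the high bit set).` Separately, `bytes.Equal` is not constant-time: that is acceptable while Decode only ever sees public point encodings, but if an encoding could be secret, `subtle.ConstantTimeCompare(s.Bytes(buf[:0]), in) != 1` (from crypto/subtle) avoids leaking the position of the first mismatching byte. Whether FromBytes masks the high bit is not visible here and should be confirmed against the radix51 implementation; Decode's body continues past the end of the hunk.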