diff --git a/wolfcrypt/src/srp.c b/wolfcrypt/src/srp.c
index 73abb6ac8..246db1d70 100644
--- a/wolfcrypt/src/srp.c
+++ b/wolfcrypt/src/srp.c
@@ -322,7 +322,7 @@ int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
 if (mp_read_unsigned_bin(&srp->N, N, nSz) != MP_OKAY)
 return MP_READ_E;
- if (mp_count_bits(&srp->N) < SRP_DEFAULT_MIN_BITS)
+ if (mp_count_bits(&srp->N) < SRP_MODULUS_MIN_BITS)
 return BAD_FUNC_ARG;
 /* Set g */
@@ -512,7 +512,7 @@ int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size)
 /* priv = random() */
 if (mp_iszero(&srp->priv) == MP_YES)
- r = wc_SrpGenPrivate(srp, pub, modulusSz);
+ r = wc_SrpGenPrivate(srp, pub, SRP_PRIVATE_KEY_MIN_BITS / 8);
 /* client side: A = g ^ a % N */
 if (srp->side == SRP_CLIENT_SIDE) {
diff --git a/wolfssl/wolfcrypt/srp.h b/wolfssl/wolfcrypt/srp.h
index f09432c02..1e9469472 100644
--- a/wolfssl/wolfcrypt/srp.h
+++ b/wolfssl/wolfcrypt/srp.h
@@ -49,7 +49,10 @@
 #endif
 /* Set the minimum number of bits acceptable in an SRP modulus */
-#define SRP_DEFAULT_MIN_BITS 512
+#define SRP_MODULUS_MIN_BITS 512
+
+/* Set the minimum number of bits acceptable for private keys (RFC 5054) */
+#define SRP_PRIVATE_KEY_MIN_BITS 256
 /**
 * SRP side, client or server.
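Review bot: The changed call in wc_SrpGetPublic now writes `SRP_PRIVATE_KEY_MIN_BITS / 8` bytes into `pub`, and nothing visible in this hunk ties that length to the size of the caller's buffer. If the bounds check earlier in the function (outside the hunk) only compares `*size` with the modulus size, the write stays in bounds only while the private-key constant does not exceed SRP_MODULUS_MIN_BITS; that holds for 256 versus 512 but is not enforced anywhere in the diff. A compile-time guard in srp.h would pin the relationship: `#if SRP_PRIVATE_KEY_MIN_BITS > SRP_MODULUS_MIN_BITS` followed by an `#error`. The division also truncates for a value that is not a multiple of 8, so `(SRP_PRIVATE_KEY_MIN_BITS + 7) / 8` keeps the generated key at or above the stated minimum.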
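Review bot: The comment on `SRP_PRIVATE_KEY_MIN_BITS` in srp.h describes a minimum that is accepted, but the only use in this commit passes it as the exact length of the generated private key. No check of a caller-supplied private key against it appears in the diff. I would word the comment as `/* Size in bits of the private key generated by wc_SrpGetPublic; RFC 5054 asks for at least 256 */`, or add the check if a minimum is really meant. srp.h appears to be a public header, so code that referenced the old `SRP_DEFAULT_MIN_BITS` name would stop compiling; if that matters, the alias `#define SRP_DEFAULT_MIN_BITS SRP_MODULUS_MIN_BITS` keeps it working.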