diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3a08761..45f349a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,9 @@ and this project adheres to Rust's notion of [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ## [Unreleased]
+### Fixed
+- Fix a bug on 32-bit platforms that could cause the square root implementation
+ to return an incorrect result.
 ## [0.5.0] - 2022-12-06
 ### Added
diff --git a/src/arithmetic/fields.rs b/src/arithmetic/fields.rs
index bd356a2..dc2a382 100644
--- a/src/arithmetic/fields.rs
+++ b/src/arithmetic/fields.rs
@@ -226,7 +226,7 @@ impl SqrtTables {
 t_ += inv(alpha) << 24; // = t << 1
 // 1 == x3 * ROOT_OF_UNITY^t_
- t_ = (t_ + 1) >> 1;
+ t_ = (((t_ as u64) + 1) >> 1) as usize;
 assert!(t_ <= 0x80000000);
 *uv * self.g0[t_ & 0xFF]
diff --git a/src/fields/fp.rs b/src/fields/fp.rs
index 2c2c9b5..3264cba 100644
--- a/src/fields/fp.rs
+++ b/src/fields/fp.rs
@@ -798,6 +798,11 @@ fn test_sqrt() {
 assert!(v == Fp::TWO_INV || (-v) == Fp::TWO_INV);
 }
+#[test]
+fn test_sqrt_32bit_overflow() {
+ assert!((Fp::from(5)).sqrt().is_none().unwrap_u8() == 1);
+}
+
 #[test]
 fn test_pow_by_t_minus1_over2() {
 // NB: TWO_INV is standing in as a "random" field element
diff --git a/src/fields/fq.rs b/src/fields/fq.rs
index 9417d2e..8177fa4 100644
--- a/src/fields/fq.rs
+++ b/src/fields/fq.rs
@@ -797,6 +797,11 @@ fn test_sqrt() {
 assert!(v == Fq::TWO_INV || (-v) == Fq::TWO_INV);
 }
+#[test]
+fn test_sqrt_32bit_overflow() {
+ assert!((Fq::from(5)).sqrt().is_none().unwrap_u8() == 1);
+}
+
 #[test]
 fn test_pow_by_t_minus1_over2() {
 // NB: TWO_INV is standing in as a "random" field element
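Review bot: The narrowing `as usize` on the new `t_ = (((t_ as u64) + 1) >> 1) as usize;` line in src/arithmetic/fields.rs has no comment explaining why it cannot truncate, and the `assert!(t_ <= 0x80000000)` that bounds the value runs only after the cast. The widening to u64 is what keeps `t_ + 1` from overflowing a 32-bit `usize` (which wraps silently when overflow checks are off and so yields a wrong table index rather than a panic), and the cast back is lossless only because the halved result fits in 32 bits, as the following assert and the `<< 24` accumulation above suggest; that reasoning belongs on the line, e.g. `// Widen before the +1: t_ may be 0xFFFF_FFFF and usize is 32 bits on some targets; the halved result fits in 32 bits, so the cast back is lossless.` An equivalent form that needs no casts and cannot overflow for any value is `t_ = (t_ >> 1) + (t_ & 1);`, which computes the same rounded-up halving. The enclosing method starts and ends outside the hunk, so the declared type of `t_` is not visible here; if it is `usize`, the comment should say so.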
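Review bot: The new `test_sqrt_32bit_overflow` in src/fields/fp.rs (and its twin in src/fields/fq.rs) never says why the input 5 is the one that matters, so the assertion reads as a generic "sqrt of a non-residue is None" check rather than a regression test for the `t_ + 1` overflow fixed in src/arithmetic/fields.rs. Because the asserted `is_none()` holds on 64-bit hosts with or without the fix, the test only guards the regression when the suite runs on a 32-bit target, which is worth stating too; both points belong in a comment above the `#[test]`, e.g. `// Regression test for the 32-bit usize overflow in SqrtTables: this input presumably drove t_ + 1 past u32::MAX before the fix and could return Some for a non-residue. Only exercises the bug on 32-bit targets.` The claim about which input triggers the overflow should be confirmed against the fix before it is committed as fact.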