diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h
index c25917dd9..c7ec7dc3c 100644
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -241,7 +241,7 @@ struct hostapd_data {
 #ifdef CONFIG_SAE
 	/** Key used for generating SAE anti-clogging tokens */
 	u8 sae_token_key[8];
-	os_time_t last_sae_token_key_update;
+	struct os_reltime last_sae_token_key_update;
 #endif /* CONFIG_SAE */
 };
 
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index d553caa42..e55f843c6 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -411,17 +411,17 @@ static struct wpabuf * auth_build_token_req(struct hostapd_data *hapd,
 {
 	struct wpabuf *buf;
 	u8 *token;
-	struct os_time t;
+	struct os_reltime now;
 
-	os_get_time(&t);
-	if (hapd->last_sae_token_key_update == 0 ||
-	    t.sec > hapd->last_sae_token_key_update + 60) {
+	os_get_reltime(&now);
+	if (!os_reltime_initialized(&hapd->last_sae_token_key_update) ||
+	    os_reltime_expired(&now, &hapd->last_sae_token_key_update, 60)) {
 		if (random_get_bytes(hapd->sae_token_key,
 				     sizeof(hapd->sae_token_key)) < 0)
 			return NULL;
 		wpa_hexdump(MSG_DEBUG, "SAE: Updated token key",
 			    hapd->sae_token_key, sizeof(hapd->sae_token_key));
-		hapd->last_sae_token_key_update = t.sec;
+		hapd->last_sae_token_key_update = now;
 	}
 
 	buf = wpabuf_alloc(SHA256_MAC_LEN);
diff --git a/src/utils/os.h b/src/utils/os.h
index f93329224..2e2350a78 100644
--- a/src/utils/os.h
+++ b/src/utils/os.h
@@ -108,6 +108,12 @@ static inline int os_reltime_expired(struct os_reltime *now,
 }
 
 
+static inline int os_reltime_initialized(struct os_reltime *t)
+{
+	return t->sec != 0 || t->usec != 0;
+}
+
+
 /**
  * os_mktime - Convert broken-down time into seconds since 1970-01-01
  * @year: Four digit year