1. Wouldn't you lose one bit of entropy? (As only half of x values between 0 and n-1 leads to a pair of points)
Using Kx+(Ky&1) should make it a bit better right?
Uhmm... if you don't want to leak even a single entropy bit, I think it's better SHA256(K)