diff --git a/.github/workflows/pylint.yaml b/.github/workflows/pylint.yaml
index 054f8f9b..8f63aaa5 100644
--- a/.github/workflows/pylint.yaml
+++ b/.github/workflows/pylint.yaml
@@ -29,7 +29,7 @@ jobs:
       run: |
         python3 -m pip install gmpy2 cryptography pynacl ecdsa aiohttp requests pexpect scrypt semantic-version
         python3 -m pip install pycryptodomex pysocks pycoin ipaddress varint pylint
-        python3 -m pip install --no-deps py_ecc==1.6.0 mypy_extensions==0.4.1 monero pbkdf2
+        python3 -m pip install --no-deps py_ecc==1.6.0 mypy_extensions==0.4.1 monero
 
     - name: Check the code with Pylint static code analyzer
       env:
diff --git a/alt-requirements.txt b/alt-requirements.txt
index 8bd64e08..1a668a67 100644
--- a/alt-requirements.txt
+++ b/alt-requirements.txt
@@ -1,2 +1 @@
 pycryptodomex
-pbkdf2
diff --git a/mmgen/altcoin/util.py b/mmgen/altcoin/util.py
index d25e12e8..39afb3e8 100755
--- a/mmgen/altcoin/util.py
+++ b/mmgen/altcoin/util.py
@@ -48,13 +48,14 @@ def decrypt_keystore(data,passwd,mac_algo=None,mac_params={}):
 	elif kdf == 'pbkdf2':
 		if (prf := parms.get('prf')) != 'hmac-sha256':
 			die(1, f"unsupported hash function {prf!r} (must be 'hmac-sha256')")
-		from pbkdf2 import PBKDF2
-		hashed_pw = PBKDF2(
-			passphrase   = passwd,
-			salt         = bytes.fromhex(parms['salt']),
-			iterations   = parms['c'],
-			digestmodule = 'sha256',
-		).read(parms['dklen'])
+		from cryptography.hazmat.primitives import hashes
+		from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
+		hashed_pw = PBKDF2HMAC(
+			algorithm  = hashes.SHA256(),
+			length     = parms['dklen'],
+			salt       = bytes.fromhex(parms['salt']),
+			iterations = parms['c']
+		).derive(passwd)
 		# see:
 		#   https://github.com/xchainjs/xchainjs-lib.git
 		#   https://github.com/xchainjs/foundry-primitives-js.git