diff --git a/combo/apps/lingo/models.py b/combo/apps/lingo/models.py
index 3d0d714e..4a78e392 100644
--- a/combo/apps/lingo/models.py
+++ b/combo/apps/lingo/models.py
@@ -35,7 +35,7 @@ from django.utils import timezone, dateparse, six
 from django.core.mail import EmailMultiAlternatives
 from django.urls import reverse
 from django.core.exceptions import ObjectDoesNotExist, PermissionDenied, ValidationError
-from django.utils.encoding import python_2_unicode_compatible
+from django.utils.encoding import force_bytes, python_2_unicode_compatible
 from django.utils.formats import localize
 from django.utils.http import urlencode
 from django.utils.six.moves.urllib import parse as urlparse
@@ -458,7 +458,7 @@ class RemoteItem(object):
 @property
 def crypto_id(self):
- return aes_hex_encrypt(settings.SECRET_KEY, str(self.id))
+ return aes_hex_encrypt(settings.SECRET_KEY, force_bytes(str(self.id)))
 class Transaction(models.Model):
diff --git a/combo/utils/crypto.py b/combo/utils/crypto.py
index 31875e0a..01620963 100644
--- a/combo/utils/crypto.py
+++ b/combo/utils/crypto.py
@@ -16,9 +16,9 @@
 import binascii
-from Crypto.Cipher import AES
-from Crypto.Protocol.KDF import PBKDF2
-from Crypto import Random
+from Cryptodome.Cipher import AES
+from Cryptodome.Protocol.KDF import PBKDF2
+from Cryptodome import Random
 from django.utils import six
 from django.utils.encoding import force_text
diff --git a/setup.py b/setup.py
index b868970b..c94a39c0 100644
--- a/setup.py
+++ b/setup.py
@@ -164,6 +164,7 @@ setup(
 'django-ratelimit<3',
 'sorl-thumbnail',
 'Pillow',
+ 'pycryptodomex',
 'pyproj',
 'pywebpush',
 'pygal',
diff --git a/tests/test_lingo_remote_regie.py b/tests/test_lingo_remote_regie.py
index b68d8fe6..e11ac578 100644
--- a/tests/test_lingo_remote_regie.py
+++ b/tests/test_lingo_remote_regie.py
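Review bot: In `RemoteItem.crypto_id` (combo/apps/lingo/models.py), `force_bytes(str(self.id))` still passes through `str()` first, which on Python 2 performs an implicit ASCII encode and would raise UnicodeEncodeError for a non-ASCII text id; the file imports `six` and `python_2_unicode_compatible`, so Python 2 still appears to be supported. `force_bytes` accepts non-string values itself, so `return aes_hex_encrypt(settings.SECRET_KEY, force_bytes(self.id))` covers both interpreters. If these ids end up in links handed to users, a comment such as `# keyed on SECRET_KEY: rotating the key invalidates crypto_ids already issued` would record the operational consequence. The rest of the class is outside the hunk.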
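Review bot: In combo/utils/crypto.py only the imports change, yet every call site touched by this commit now has to wrap the plaintext in `force_bytes()` before calling `aes_hex_encrypt`; that conversion belongs inside the helper, which still imports only `force_text`. Normalising at the top of the function, e.g. `data = force_bytes(data)`, with `force_bytes` added to the `django.utils.encoding` import, means a caller that forgets the wrapper does not fail with a TypeError from the cipher on Python 3. The function bodies are outside the hunk, so the parameter name `data` is assumed.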
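Review bot: The new `'pycryptodomex'` entry in setup.py's requirement list carries no version bound, although the package now supplies the AES, PBKDF2 and random primitives imported in combo/utils/crypto.py. A lower bound at the release the code was tested against, written as `'pycryptodomex>=<minimum tested version>'`, keeps an install from resolving to an older release without later fixes. The hunk does not show where the previous `Crypto` provider was declared; if it is listed in other packaging files, it should be removed there so the unmaintained library is no longer pulled in.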
@@ -13,7 +13,7 @@ from django.test import override_settings
 from django.urls import reverse
 from django.conf import settings
 from django.core.management import call_command
-from django.utils.encoding import force_text
+from django.utils.encoding import force_bytes, force_text
 from django.utils.six.moves.urllib import parse as urlparse
 from django.utils.timezone import timedelta, now
 from django.contrib.auth.models import User
@@ -220,7 +220,7 @@ def test_remote_regie_past_invoices_cell(mock_send, remote_regie):
 @mock.patch('combo.apps.lingo.models.requests.get')
 def test_anonymous_successful_item_payment(mock_get, mock_pay_invoice, app, remote_regie):
 assert remote_regie.is_remote() == True
- encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
+ encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
 # invoice with amount_paid
 invoices = copy.deepcopy(INVOICES)
 invoices[0]['amount'] = '100.00'
@@ -294,7 +294,7 @@ def test_anonymous_successful_item_payment(mock_get, mock_pay_invoice, app, remo
 @mock.patch('combo.apps.lingo.models.requests.get')
 def test_anonymous_item_payment_email_error(mock_get, app, remote_regie):
 assert remote_regie.is_remote() == True
- encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
+ encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
 mock_json = mock.Mock()
 mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
 mock_get.return_value = mock_json
@@ -363,7 +363,7 @@ def test_remote_item_payment_failure(mock_post, mock_get, mock_pay_invoice, app,
 page = Page(title='xxx', slug='active-remote-invoices-page', template_name='standard')
 page.save()
 assert remote_regie.is_remote()
- encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
+ encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
 mock_json = mock.Mock()
 mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
 mock_get.return_value = mock_json
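Review bot: In `test_anonymous_successful_item_payment` the token is built with `force_bytes('F201601')` on a constant, and the same line is repeated in the hunks at 294, 363 and 432; a bytes literal states the intent directly, `encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, b'F201601')`. Since the value is identical in all four tests, a single module-level constant or fixture would keep them in step. In the visible hunks the tests call `aes_hex_encrypt` themselves, so none of them exercises `RemoteItem.crypto_id`, the production call site this commit changes; one assertion that compares a remote item's `crypto_id` round-trip with its id would cover that path. The test bodies continue outside the hunks.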
@@ -432,7 +432,7 @@ def test_remote_invoice_successfull_payment_redirect(mock_get, mock_pay_invoice,
 page = Page(title='xxx', slug='active-remote-invoices-page', template_name='standard')
 page.save()
 assert remote_regie.is_remote()
- encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, 'F201601')
+ encrypt_id = aes_hex_encrypt(settings.SECRET_KEY, force_bytes('F201601'))
 mock_json = mock.Mock()
 mock_json.json.return_value = {'err': 0, 'data': INVOICES[0]}
 mock_get.return_value = mock_json
diff --git a/tests/test_utils.py b/tests/test_utils.py
index 356bc022..f5eebf9b 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -7,6 +7,7 @@ from django.test import override_settings
 from django.template import Context, RequestContext
 from django.test.client import RequestFactory
 from django.contrib.auth.models import AnonymousUser
+from django.utils.encoding import force_bytes
 class MockUser(object):
@@ -25,7 +26,7 @@ class MockUser(object):
 def test_crypto_url():
 invoice_id = '12-1234'
 key = settings.SECRET_KEY
- assert aes_hex_decrypt(key, aes_hex_encrypt(key, force_bytes(invoice_id))) == invoice_id
+ assert aes_hex_decrypt(key, aes_hex_encrypt(key, force_bytes(invoice_id))) == invoice_id
 def test_templated_url():
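Review bot: `test_crypto_url` in tests/test_utils.py only round-trips an ASCII id with the correct key, so after the library switch nothing pins how `aes_hex_decrypt` behaves on non-ASCII input, a wrong key or an altered token. A non-ASCII case with a constructed sample id, `assert aes_hex_decrypt(key, aes_hex_encrypt(key, force_bytes(u'12-\xe9'))) == u'12-\xe9'`, plus one negative case for a modified token, would catch regressions in the decode path. What the helpers return or raise on bad input is not visible in this diff, so the negative assertion has to follow their actual contract.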