diff --git a/aodh/coordination.py b/aodh/coordination.py
index 4dc00f886..ab88d1ad8 100644
--- a/aodh/coordination.py
+++ b/aodh/coordination.py
@@ -13,12 +13,12 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 import bisect
-import hashlib
 import struct
 
 from oslo_config import cfg
 from oslo_log import log
 from oslo_utils import encodeutils
+from oslo_utils.secretutils import md5
 from oslo_utils import uuidutils
 import tenacity
 import tooz.coordination
@@ -78,8 +78,8 @@ class HashRing(object):
 
     @staticmethod
     def _hash(key):
-        return struct.unpack_from('>I',
-                                  hashlib.md5(str(key).encode()).digest())[0]
+        return struct.unpack_from(
+            '>I', md5(str(key).encode(), usedforsecurity=False).digest())[0]
 
     def _get_position_on_ring(self, key):
         hashed_key = self._hash(key)
diff --git a/requirements.txt b/requirements.txt
index 551d6a0af..cc0d11931 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -17,7 +17,7 @@ pbr>=2.0.0 # Apache-2.0
 pecan>=0.8.0
 oslo.messaging>=5.2.0 # Apache-2.0
 oslo.middleware>=3.22.0 # Apache-2.0
-oslo.utils>=3.5.0 # Apache-2.0
+oslo.utils>=4.7.0 # Apache-2.0
 python-keystoneclient>=1.6.0
 pytz>=2013.6
 requests>=2.5.2