diff --git a/pyproject.toml b/pyproject.toml
index 4d4ca204..d4f28b68 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -51,7 +51,6 @@ gcpkms = ["google-cloud-kms", "cryptography>=40.0.0"]
 azurekms = ["azure-identity", "azure-keyvault-keys", "cryptography>=40.0.0"]
 awskms = ["boto3", "botocore", "cryptography>=40.0.0"]
 hsm = ["asn1crypto", "cryptography>=40.0.0", "PyKCS11"]
-pynacl = ["pynacl>1.2.0"]
 PySPX = ["PySPX>=0.5.0"]
 sigstore = ["sigstore~=2.0"]
 
diff --git a/requirements-pinned.txt b/requirements-pinned.txt
index d908dc9c..9eef3930 100644
--- a/requirements-pinned.txt
+++ b/requirements-pinned.txt
@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.10
+# This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
 #    pip-compile --output-file=requirements-pinned.txt requirements.txt
@@ -9,7 +9,6 @@ asn1crypto==1.5.1
 cffi==1.16.0
     # via
     #   cryptography
-    #   pynacl
     #   pyspx
 cryptography==42.0.5
     # via -r requirements.txt
@@ -17,7 +16,5 @@ pycparser==2.22
     # via cffi
 pykcs11==1.5.14
     # via -r requirements.txt
-pynacl==1.5.0
-    # via -r requirements.txt
 pyspx==0.5.0 ; platform_system != "Windows"
     # via -r requirements.txt
diff --git a/requirements.txt b/requirements.txt
index 7bf2c867..b9e800e1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,7 +6,6 @@
 # 'requirements-pinned.txt' is updated on GitHub with Dependabot, which
 # triggers CI/CD builds to automatically test against updated dependencies.
 cryptography >= 37.0.0
-pynacl
 PySPX; platform_system != 'Windows'
 PyKCS11
 asn1crypto