diff --git a/clientsession.cabal b/clientsession.cabal
--- a/clientsession.cabal
+++ b/clientsession.cabal
@@ -1,5 +1,5 @@
 name:            clientsession
-version:         0.9
+version:         0.9.0.1
 license:         BSD3
 license-file:    LICENSE
 author:          Michael Snoyman <michael@snoyman.com>, Felipe Lessa <felipe.lessa@gmail.com>
diff --git a/src/Web/ClientSession.hs b/src/Web/ClientSession.hs
--- a/src/Web/ClientSession.hs
+++ b/src/Web/ClientSession.hs
@@ -100,7 +100,12 @@
 -- should have 64 bytes (512 bits).
 --
 -- See also 'getDefaultKey' and 'initKey'.
-data Key = Key { aesKey :: !A.Key
+data Key = Key { aesKey ::
+#if MIN_VERSION_cipher_aes(0, 2, 0)
+                    !A.AES
+#else
+                    !A.Key
+#endif
                  -- ^ AES key with 32 bytes.
                , macKey :: !(S.ByteString -> Skein_512_256)
                  -- ^ Skein-MAC key.  Instead of storing the key
@@ -122,13 +127,21 @@
 
 -- | The initialization vector used by AES.  Should be exactly 16
 -- bytes long.
-newtype IV = IV A.IV
+newtype IV = IV S.ByteString
 
 unsafeMkIV :: S.ByteString -> IV
+#if MIN_VERSION_cipher_aes(0, 2, 0)
+unsafeMkIV bs = (IV bs)
+#else
 unsafeMkIV bs = (IV (A.IV bs))
+#endif
 
 unIV :: IV -> S.ByteString
+#if MIN_VERSION_cipher_aes(0, 2, 0)
+unIV (IV bs) = bs
+#else
 unIV (IV (A.IV bs)) = bs
+#endif
 
 instance Eq IV where
   (==) = (==) `on` unIV
@@ -222,9 +235,9 @@
         -> S.ByteString -- ^ Serialized cookie data.
         -> S.ByteString -- ^ Encoded cookie data to be given to
                         -- the client browser.
-encrypt key (IV (A.IV iv)) x = B.encode final
+encrypt key (IV iv) x = B.encode final
   where
-    encrypted  = A.encryptCTR (aesKey key) (A.IV iv) x
+    encrypted  = A.encryptCTR (aesKey key) iv x
     toBeAuthed = iv `S.append` encrypted
     auth       = macKey key toBeAuthed
     final      = encode auth `S.append` toBeAuthed
@@ -243,7 +256,12 @@
         auth' = macKey key toBeAuthed
     guard (encode auth' `constTimeEq` auth)
     let (iv, encrypted) = S.splitAt 16 toBeAuthed
-    return $! A.decryptCTR (aesKey key) (A.IV iv) encrypted
+#if MIN_VERSION_cipher_aes(0, 2, 0)
+    let iv' = iv
+#else
+    let iv' = A.IV iv
+#endif
+    return $! A.decryptCTR (aesKey key) iv' encrypted
 
 
 -- Significantly more efficient random IV generation. Initial
@@ -265,18 +283,8 @@
 -- | Reseed the CPRNG with new entropy from the system pool.
 aesReseed :: IO ()
 aesReseed = do
-  let len :: Tagged AESRNG ByteLength
-      len = genSeedLength
-  ent <- getEntropy (untag len)
-  I.atomicModifyIORef aesRef $
-       \(ASt rng _) ->
-           case reseed ent rng of
-             Right rng' -> (ASt rng' 0, ())
-             Left  _    -> (ASt rng  0, ())
-             -- Use the old RNG, but force a reseed
-             -- after another 'threshold' uses of it.
-             -- In theory, we will never reach this
-             -- branch, but if we do, we're safe.
+  rng' <- makeSystem
+  I.writeIORef aesRef $ ASt rng' 0
 
 -- | 'IORef' that keeps the current state of the CPRNG.  Yep,
 -- global state.  Used in thread-safe was only, though.
