Require that users explicitly specify the desired algorithm. In my opinion, we are not in a position to specify the default cipher. When OpenSSL::PKCS7.encrypt is given only two arguments, it uses "RC2-40-CBC" as the symmetric cipher algorithm. 40-bit RC2 is a US export-grade cipher and considered insecure. Although this is technically a breaking change, the impact should be minimal. Even when OpenSSL is compiled with RC2 support and the macro OPENSSL_NO_RC2 is not defined, it will not actually work on modern systems because RC2 is part of the legacy provider. https://github.com/ruby/openssl/commit/439f456bfa