Before we try to answer the question, the following terms must be clear and understandable to all.
How the security leak got into the encryption machine of Crypto AG is not explained in the Washington Post report. However, it is known that Crypto AG protected its secrets well. The foreign governments could not rely on external certification, because the systems and algorithms were proprietary, in other words not accessible to the public (Source: https://www.aargauerzeitung.ch/leben/spionage-thriller-um-die-schweizer-crypto-ag-so-funktioniert-verschluesselung-136373113, german only). This secrecy was supposed to guarantee their security, but this wasn't the case.
At Frama-RMail we focus on transparency with regard to certificates and encryption technology. Because it is not the encryption algorithm itself that is the secret, but the adaptation by the user, as with Frama-RMail.
Frama RMail uses 3DES (triple DES) algorithm validated by Microsoft CryptoAPI 2.0 NIST FIPS-140-2 to check the integrity of the e-mail when sending e-mails via Secure PDF. If the email has been tampered, the sender will receive a verification error message instead of a receipt authentication. In addition, Frama RMail uses cryptographic certificate standards with public keys to substantiate trustworthiness. If direct delivery by e-mail is not possible (See article «Solving the encryption issue with TLS 1.2»), the message is encrypted as PDF 256-bit AES, which is salted with a unique encryption key. The PDF is attached to the e-mail.
Conclusion: When it comes to data protection, you should always look for external verifiability of encryption systems, certificate standards and their distribution, such as NIST FIPS-140-2. In addition, Frama RMail provides secure and confidential digital mailings that comply with the General Data Protection Regulation (GDPR Article 5 Paragraph 1f, Article 32).