I'd prefer not to modify the PuTTY code too much. So I hope they implement this on their side.

Hello Martin,

Thanks for providing the link to Cipher selection UI is messy and irrational on the PuTTY wishlist.

I think the author of that wish expressed the problem very well. It's unfortunate that no action has been taken since it was logged in 2007...

I really like the WinSCP .Net library and would very much like to use it in the project that I'm currently working on but in order to comply with my customer's security policy I have to ensure that a minimum encryption algorithm of AES 256 is used. So unfortunately I will have to find an alternative library that can meet my needs.

Is there any possibility that in the future you might be able to enhance the the PuTTY code that WinSCP depends on so it is possible to select specific algorithms?

You can configure WinSCP to warn, when any non-AES algorithm is about to be used:
https://winscp.net/eng/docs/ui_login_ssh
You cannot configure WinSCP to avoid using AES wearer then 256 though.
This feature is on PuTTY TODO list:
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/cipher-selection.html

I'm working on a project where files are to be uploaded to various third party SFTP servers that are not under my control.

The security team that I'm working with have specified that I must use an encryption algorithm of either aes256-ctr or aes256-gcm when connecting to an SFTP server. If an SFTP server doesn't support aes256-ctr or aes256-gcm then the connection must fail.

WinSCP does not support aes256-gcm but it does support aes256-ctr. Is there a way of specifying that aes256-ctr must be used?

If WinSCP does not currently support this, is it a feature that could be added in the future?