diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
index 980a2278..60e98626 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
@@ -9,6 +9,7 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing
 import org.bouncycastle.openpgp.api.MessageEncryptionMechanism
 import org.bouncycastle.openpgp.api.OpenPGPCertificate
 import org.bouncycastle.openpgp.api.OpenPGPCertificate.OpenPGPComponentKey
+import org.bouncycastle.openpgp.operator.PBEKeyEncryptionMethodGenerator
 import org.bouncycastle.openpgp.operator.PGPKeyEncryptionMethodGenerator
 import org.pgpainless.PGPainless
 import org.pgpainless.algorithm.EncryptionPurpose
@@ -427,6 +428,9 @@ class EncryptionOptions(private val purpose: EncryptionPurpose, private val api:
 
     fun hasEncryptionMethod() = _encryptionMethods.isNotEmpty()
 
+    fun usesOnlyPasswordBasedEncryption() =
+        _encryptionMethods.all { it is PBEKeyEncryptionMethodGenerator }
+
     internal fun negotiateEncryptionMechanism(): MessageEncryptionMechanism {
         if (encryptionMechanismOverride != null) {
             return encryptionMechanismOverride!!
diff --git a/pgpainless-sop/src/main/kotlin/org/pgpainless/sop/EncryptImpl.kt b/pgpainless-sop/src/main/kotlin/org/pgpainless/sop/EncryptImpl.kt
index 87d87b45..6e371ff0 100644
--- a/pgpainless-sop/src/main/kotlin/org/pgpainless/sop/EncryptImpl.kt
+++ b/pgpainless-sop/src/main/kotlin/org/pgpainless/sop/EncryptImpl.kt
@@ -63,7 +63,8 @@ class EncryptImpl(private val api: PGPainless) : Encrypt {
             throw SOPGPException.MissingArg("Missing encryption method.")
         }
 
-        if (profile == RFC9580_PROFILE.name) {
+        if (encryptionOptions.usesOnlyPasswordBasedEncryption() &&
+            profile == RFC9580_PROFILE.name) {
             encryptionOptions.overrideEncryptionMechanism(
                 MessageEncryptionMechanism.aead(
                     SymmetricKeyAlgorithm.AES_128.algorithmId, AEADAlgorithm.OCB.algorithmId))