GPG offers strong algorithms but they are not used by default due to backwards compatibility with PGP users (that argument could well be something created by the NSA)
Enough people use GnuPG for this not to be an issue. Besides, I believe the default is now 2048-bit RSA which is more than enough for a few years, and supported by PGP. 4096-bit might make you feel comfy, but it's overkill. Much more practical to stick with the default for now, and switch to ECDSA or better in a few years when it is hopefully standardised.
Simon