NBU Establishes New Cryptographic Standard: Slovakia Enters the Post-Quantum Era

15. októbra 2025

The document "Recommendations for Cryptographic Algorithms – v1.0", issued by the National Security Authority (NBÚ) on October 8, 2025, represents a strategic milestone and announces Slovakia's transition into the post-quantum era – a period in which true security will be determined by resilience, not the legacy of classical mathematics.

For decades, state institutions, critical infrastructure operators, and private enterprises have relied on the same cryptographic foundations: AES, RSA, and elliptic curve (ECC) algorithms. These technologies have protected financial transactions, energy grids, industrial systems, and communication channels. However, the development of quantum computers fundamentally changes the situation – algorithms that were previously considered secure may become vulnerable and allow encryption to be broken within hours.

NBÚ has therefore issued recommendations that provide a clear national framework for the transition to post-quantum cryptography (PQC) – a new generation of standards designed to withstand attacks using quantum computing.

Main Principles of the New Recommendation

The document establishes specific parameters and priorities for individual categories of cryptographic tools:



  • Symmetric encryption: mandatory use of 256-bit keys (e.g., AES-256, Camellia-256, Twofish-256).
  • Hash functions: output resistant to quantum attacks with a length of at least 384 bits (SHA-384, SHA-512, SHA3-512, SHAKE256).
  • Asymmetric algorithms and digital signatures: transition to post-quantum algorithms ML-KEM for key exchange and ML-DSA or SLH-DSA for signatures.
  • Hybrid cryptography: recommended during the transition period – a combination of classical and post-quantum algorithms to maintain compatibility.
  • Password protection: modern standards Argon2id or scrypt as a replacement for outdated schemes.
  • Random number generation: only sources meeting NIST SP 800-90 or BSI AIS 20/31 standards.

In addition to technical details, the document emphasizes the principle of crypto-agility – the ability of systems to flexibly change algorithms without disrupting operations. Organizations should maintain an inventory of where cryptography is used, store algorithm identifiers along with data, and prepare for gradual migration.

Significance for Critical Infrastructure

For AKI SR members – operating in sectors such as energy, telecommunications, transport, water management, and digital services – these recommendations are of exceptional importance.

Critical infrastructure often uses systems with long life cycles that operate for 15 to 25 years. Cryptographic reworking of such systems is demanding and takes years, so it is necessary to start today. Early implementation of NBÚ guidelines will help prevent unplanned and financially demanding interventions in the future.

The new document also aligns Slovakia with European Union Recommendation 2024/1101 on the transition to post-quantum cryptography. This will ensure the interoperability of national systems with the European framework of digital sovereignty and strengthen Slovakia's position as a proactive and responsible EU member state.

AKI SR Statement

The Critical Infrastructure Association of the Slovak Republic welcomes the publication of this document. This is an important step that brings clarity at a time when artificial intelligence, automation, and quantum technologies are fundamentally changing the rules in the field of cybersecurity. AKI SR will continue to support its members in implementing these recommendations – through expert discussions, educational activities, and the exchange of experiences between the public and private sectors.

Cooperation with research institutions, security-certified companies, and European partners will also be key to ensuring that the transition to post-quantum cryptography is not only technically managed but also economically sustainable. Slovakia now has a unique opportunity to rank among the leaders in quantum-resistant infrastructure.

However, this requires every operator – from national enterprises to regional IT services – to begin analyzing their systems, planning migration, and building architectures prepared for future algorithms. The sooner these steps begin, the stronger the country's resilience as a whole will be.

About AKI SR

The Critical Infrastructure Association of the Slovak Republic (AKI SR) brings together organizations from the public and private sectors. Together, they strengthen national resilience, cybersecurity, and the protection of vital services.

More information: www.akisr.sk

Approved National Cybersecurity Strategy for 2026 to 2030 Will Strengthen Critical Infrastructure Protection

4. februára 2026
Slovakia has a new strategic compass for protecting digital space.

Schválená Národná stratégia kybernetickej bezpečnosti na roky 2026 až 2030 posilní ochranu kritickej infraštruktúry

4. februára 2026
Slovensko má nový strategický kompas pre ochranu digitálneho priestoru.

Government Approved the Resilience Strategy for Critical Entities of the Slovak Republic – A Key Milestone in Strengthening Slovakia's Resilience

28. januára 2026
The Government of the Slovak Republic at its meeting on January 9, 2026 approved the Resilience Strategy for Critical Entities of the Slovak Republic.

Vláda schválila Stratégiu odolnosti kritických subjektov SR – kľúčový míľnik v posilňovaní odolnosti Slovenska

28. januára 2026
Vláda Slovenskej republiky na svojom rokovaní 9. januára 2026 schválila Stratégiu odolnosti kritických subjektov Slovenskej republiky.

Slovak Investment Holding Offers AKI SR Members Support in Financing Resilience

19. januára 2026
New legislative amendments in the area of critical infrastructure in the form of the Critical Infrastructure Act, which came into effect on January 1, 2025, bring new requirements for critical entities regarding risk management, ensuring essential services, and increasing the resilience of critical infrastructure.

Slovak Investment Holding ponúka členom AKI SR podporu pri financovaní odolnosti

19. januára 2026
Nové legislatívne úpravy v oblasti kritickej infraštruktúry v podobe zákona o kritickej infraštruktúre, ktorý nadobudol účinnosť 1.1.2025, prinášajú pre kritické subjekty nové požiadavky na riadenie rizík, zabezpečenie základných služieb a zvyšovanie odolnosti kritickej infraštruktúry. 

Silent Monitoring of Communications Application Users' Behavior and Its Significance for Critical Infrastructure Protection

19. decembra 2025
In December 2025, a practical proof of vulnerability in the communications applications WhatsApp and Signal was published, enabling silent monitoring of user behaviour based exclusively on knowledge of their phone number.

Tiché sledovanie správania používateľov komunikačných aplikácií a jeho význam pre ochranu kritickej infraštruktúry

19. decembra 2025
V decembri 2025 bol zverejnený praktický dôkaz zraniteľnosti komunikačných aplikácií WhatsApp a Signal , ktorý umožňuje tiché sledovanie správania používateľov výlučne na základe znalosti ich telefónneho čísla.

SOPK and AKI SR signed a memorandum of cooperation

17. decembra 2025
Yesterday, December 16, 2025, a memorandum of cooperation was signed between the Slovak Chamber of Commerce and Industry (SOPK) and the Critical Infrastructure Association of the Slovak Republic (AKI SR). The memorandum was signed by Peter Mihók, President of the Slovak Chamber of Commerce and Industry and Tibor Straka, President of the Critical Infrastructure Association of the Slovak Republic.

SOPK a AKI SR podpísali memorandum o spolupráci

17. decembra 2025
Včera 16. decembra 2025 bolo podpísané memorandum o spolupráci medzi Slovenskou obchodnou a priemyselnou komorou (SOPK) a Asociáciou kritickej infraštruktúry Slovenskej republiky (AKI SR). Memorandum podpísali Peter Mihók, predseda Slovenskej obchodnej a priemyselnej komory a Tibor Straka, prezident Asociácie kritickej infraštruktúry Slovenskej republiky.