NBU Establishes New Cryptographic Standard: Slovakia Enters the Post-Quantum Era

15. októbra 2025

The document "Recommendations for Cryptographic Algorithms – v1.0", issued by the National Security Authority (NBÚ) on October 8, 2025, represents a strategic milestone and announces Slovakia's transition into the post-quantum era – a period in which true security will be determined by resilience, not the legacy of classical mathematics.

For decades, state institutions, critical infrastructure operators, and private enterprises have relied on the same cryptographic foundations: AES, RSA, and elliptic curve (ECC) algorithms. These technologies have protected financial transactions, energy grids, industrial systems, and communication channels. However, the development of quantum computers fundamentally changes the situation – algorithms that were previously considered secure may become vulnerable and allow encryption to be broken within hours.

NBÚ has therefore issued recommendations that provide a clear national framework for the transition to post-quantum cryptography (PQC) – a new generation of standards designed to withstand attacks using quantum computing.

Main Principles of the New Recommendation

The document establishes specific parameters and priorities for individual categories of cryptographic tools:



  • Symmetric encryption: mandatory use of 256-bit keys (e.g., AES-256, Camellia-256, Twofish-256).
  • Hash functions: output resistant to quantum attacks with a length of at least 384 bits (SHA-384, SHA-512, SHA3-512, SHAKE256).
  • Asymmetric algorithms and digital signatures: transition to post-quantum algorithms ML-KEM for key exchange and ML-DSA or SLH-DSA for signatures.
  • Hybrid cryptography: recommended during the transition period – a combination of classical and post-quantum algorithms to maintain compatibility.
  • Password protection: modern standards Argon2id or scrypt as a replacement for outdated schemes.
  • Random number generation: only sources meeting NIST SP 800-90 or BSI AIS 20/31 standards.

In addition to technical details, the document emphasizes the principle of crypto-agility – the ability of systems to flexibly change algorithms without disrupting operations. Organizations should maintain an inventory of where cryptography is used, store algorithm identifiers along with data, and prepare for gradual migration.

Significance for Critical Infrastructure

For AKI SR members – operating in sectors such as energy, telecommunications, transport, water management, and digital services – these recommendations are of exceptional importance.

Critical infrastructure often uses systems with long life cycles that operate for 15 to 25 years. Cryptographic reworking of such systems is demanding and takes years, so it is necessary to start today. Early implementation of NBÚ guidelines will help prevent unplanned and financially demanding interventions in the future.

The new document also aligns Slovakia with European Union Recommendation 2024/1101 on the transition to post-quantum cryptography. This will ensure the interoperability of national systems with the European framework of digital sovereignty and strengthen Slovakia's position as a proactive and responsible EU member state.

AKI SR Statement

The Critical Infrastructure Association of the Slovak Republic welcomes the publication of this document. This is an important step that brings clarity at a time when artificial intelligence, automation, and quantum technologies are fundamentally changing the rules in the field of cybersecurity. AKI SR will continue to support its members in implementing these recommendations – through expert discussions, educational activities, and the exchange of experiences between the public and private sectors.

Cooperation with research institutions, security-certified companies, and European partners will also be key to ensuring that the transition to post-quantum cryptography is not only technically managed but also economically sustainable. Slovakia now has a unique opportunity to rank among the leaders in quantum-resistant infrastructure.

However, this requires every operator – from national enterprises to regional IT services – to begin analyzing their systems, planning migration, and building architectures prepared for future algorithms. The sooner these steps begin, the stronger the country's resilience as a whole will be.

About AKI SR

The Critical Infrastructure Association of the Slovak Republic (AKI SR) brings together organizations from the public and private sectors. Together, they strengthen national resilience, cybersecurity, and the protection of vital services.

More information: www.akisr.sk

The Critical Infrastructure Association of the Slovak Republic Enters into Strategic Partnership with India in Quantum Technologies and Critical Infrastructure Protection

25. júna 2026
The Slovak Republic and the Republic of India are expanding cooperation in the field of digital security and advanced cryptographic technologies. On the occasion of the visit of the Prime Minister of the Republic of India, Narendra Modi, to Slovakia, the Critical Infrastructure Association of the Slovak Republic (AKI SR) and the Indian government organization Centre for Development of Telematics (C-DOT) signed a Memorandum of Understanding, which establishes a foundation for the joint development and implementation of quantum-safe technologies and the protection of critical infrastructure.

Asociácia kritickej infraštruktúry SR uzatvorila strategické partnerstvo s Indiou v oblasti kvantových technológií a ochrany kritickej infraštruktúry

25. júna 2026
Slovenská republika a Indická republika rozširujú spoluprácu v oblasti digitálnej bezpečnosti a pokročilých kryptografických technológií. Asociácia kritickej infraštruktúry Slovenskej republiky (AKI SR) a indická vládna organizácia Centre for Development of Telematics (C-DOT) podpísali pri príležitosti návštevy predsedu vlády Indickej republiky Narendru Modiho na Slovensku Memorandum o porozumení, ktoré vytvára základ pre spoločný vývoj a implementáciu kvantovo bezpečných technológií a ochranu kritickej infraštruktúry.

Statement by the Critical Infrastructure Association of the Slovak Republic on the Railway Communications Outage in Germany

24. júna 2026
The recent disruption to rail operations in Germany, which was related to a problem in the GSM-R communication system, is an important warning for the whole of Europe. It shows that the security and continuity of critical infrastructure today does not depend only on physical assets, tracks, stations, vehicles, or technical equipment. Equally important are communication, data, control, and information systems, without which safe and reliable operations cannot be ensured.

Stanovisko Asociácie kritickej infraštruktúry Slovenskej republiky k výpadku železničnej komunikácie v Nemecku

24. júna 2026
Nedávny výpadok železničnej prevádzky v Nemecku, ktorý súvisel s problémom v komunikačnom systéme GSM-R, je dôležitým upozornením pre celú Európu. Ukazuje, že bezpečnosť a kontinuita kritickej infraštruktúry dnes nezávisí iba od fyzických objektov, tratí, staníc, vozidiel alebo technických zariadení. Rovnako dôležité sú komunikačné, dátové, riadiace a informačné systémy, bez ktorých nie je možné zabezpečiť bezpečnú a spoľahlivú prevádzku.

The Ministry of Economy of the Slovak Republic and the Critical Infrastructure Association of the Slovak Republic Signed a Memorandum of Cooperation

22. júna 2026
The Ministry of Economy of the Slovak Republic and the Critical Infrastructure Association of the Slovak Republic signed a Memorandum of Cooperation on Monday, 22 June 2026, with the aim of strengthening cooperation in the field of resilience of the critical infrastructure of the Slovak Republic and ensuring the continuity of the provision of essential services.

Ministerstvo hospodárstva Slovenskej republiky a Asociácia kritickej infraštruktúry Slovenskej republiky podpísali Memorandum o spolupráci

22. júna 2026
Ministerstvo hospodárstva Slovenskej republiky a Asociácia kritickej infraštruktúry Slovenskej republiky podpísali v pondelok 22. júna 2026 Memorandum o spolupráci, ktorého cieľom je posilnenie spolupráce v oblasti odolnosti kritickej infraštruktúry Slovenskej republiky a zabezpečovania kontinuity poskytovania základných služieb.

Slovakia and India Strengthen Cooperation in the Protection of Critical Infrastructure: AKI SR and India’s C-DOT Discuss Joint Projects

18. júna 2026
At the international technology fair VivaTech 2026 in Paris, a working meeting was held today between representatives of the AKI SR and the Indian government technology organization Centre for Development of Telematics (C-DOT). The meeting followed ongoing discussions between the two partners and confirmed their shared interest in developing strategic cooperation in the areas of cybersecurity, critical infrastructure protection, and the development of technologies resilient to threats emerging in the quantum era.

Slovensko a India posilňujú spoluprácu v ochrane kritickej infraštruktúry: AKI SR a indický C-DOT rokovali o spoločných projektoch

18. júna 2026
Na pôde medzinárodného technologického veľtrhu VivaTech 2026 v Paríži sa dnes uskutočnilo pracovné stretnutie predstaviteľov Asociácie kritickej infraštruktúry Slovenskej republiky (AKI SR) a indickej vládnej technologickej organizácie Centre for Development of Telematics (C-DOT). Stretnutie nadviazalo na už prebiehajúce rokovania medzi oboma partnermi a potvrdilo spoločný záujem rozvíjať strategickú spoluprácu v oblastiach kybernetickej bezpečnosti, ochrany kritickej infraštruktúry a vývoja technológií odolných voči hrozbám nastupujúcej kvantovej éry.

Zero Trust in the Supply Chain of Critical Infrastructure: When Trust Must Be Verified

18. júna 2026
The weakest point of an organization has long ceased to be its own technology. Increasingly, it is becoming a supplier who has access to systems, data, or ensures the operation of critical services.

Zero Trust v dodávateľskom reťazci kritickej infraštruktúry: keď dôvera musí byť overená

18. júna 2026
Najslabším miestom organizácie už dávno nemusí byť jej vlastná technológia. Čoraz častejšie sa ním stáva dodávateľ, ktorý má prístup k systémom, údajom alebo zabezpečuje prevádzku kritických služieb.