On 8 October 2025, the National Security Authority of the Slovak Republic (NBÚ) released a document that quietly marks the beginning of a new era for digital security in Slovakia.
The “Odporúčania pre kryptografické algoritmy – v1.0” stand as a strategic milestone, announcing Slovakia’s transition into the post-quantum age — where resilience, not legacy mathematics, defines true security.
For decades, organisations relied on cryptographic systems such as AES, RSA or elliptic-curve cryptography. These tools formed the backbone of digital trust: from online banking and defence networks to industrial control systems. Yet progress in quantum computing has fundamentally changed that assumption. Algorithms once considered “unbreakable” can be rendered obsolete by future quantum attacks, putting at risk not only what is sent tomorrow, but everything that has been stored and intercepted in the past.
Building the Slovakia Quantum Cryptography Strategy
NBÚ’s new recommendations acknowledge this risk and outline a national framework for the transition to post-quantum cryptography (PQC).
The guidance is clear. All symmetric encryption should now use 256-bit keys, whether in AES, Camellia, Twofish or Serpent. For hashing, outputs must be at least 384 bits — algorithms such as SHA-384, SHA-512, SHA3-512 or SHAKE256 are preferred. Traditional RSA and ECC schemes are to be gradually replaced by modern quantum-resistant primitives: ML-KEM for key exchange and ML-DSA or SLH-DSA for digital signatures. During the transition period, hybrid models combining classical and post-quantum algorithms are recommended, ensuring backward compatibility without compromising future resilience.
The document goes beyond cryptography itself. It introduces a practical mindset that every system architect should adopt: crypto-agility. Systems must be designed to support multiple algorithms in parallel, to record which algorithm was used with each dataset or key, and to allow a seamless switch once newer standards emerge. Password protection is also modernised through memory-hard functions such as Argon2id and scrypt, reflecting the growing threat of GPU- and ASIC-based brute-force attacks. Even the generation of randomness is addressed — only entropy sources validated under NIST SP 800-90 or BSI AIS 20/31 should be used.
This is more than a technical refresh. It is a policy turning point that places Slovakia among the first EU Member States to formally align its national standards with the European Commission’s Recommendation 2024/1101 on the transition to post-quantum cryptography. It also reflects the direction of the upcoming NIST FIPS 203–206 standards that will define global cryptographic interoperability for the next decades.
“This is a transformational moment for Slovak and European cybersecurity,” says Matej Michalko, Founder and CEO of Decent Cybersecurity. “NBÚ’s recommendations create the framework for quantum-resilient systems across government, defence and critical infrastructure — areas where we have been deeply involved for years.”
At Decent Cybersecurity, we view this step not as a compliance burden, but as an opportunity to build long-term digital sovereignty in Europe. Our work already covers the entire spectrum of post-quantum migration: from cryptographic audits and hybrid architecture design to hardware acceleration on CPUs, GPUs, FPGAs and 2 nm ASICs optimised for ML-KEM and ML-DSA. We help governments, defence organisations and enterprises build secure communication systems that remain trustworthy not only today, but decades into the future.
The NBÚ document reminds us that cryptography is not static. What was once “secure forever” must now evolve. The race against quantum capability has already started, and those who prepare early will set the standards others must follow.
For Slovak institutions, the message is straightforward: begin the migration now, inventory your cryptographic assets, adopt hybrid models, and design for agility. Waiting until 2030 or beyond will mean catching up, not leading.
Decent Cybersecurity stands ready to support this transition — through policy design, integration, certification, and continuous innovation. Quantum resilience is no longer a research topic. It is the foundation of digital trust in the years to come.
Because the future of trust cannot wait.
The post Slovakia Adopts New National Cryptography Guidelines: Quantum-Safe by Design appeared first on Decent Cybersecurity.
