The Norwegian National Security Authority (Nasjonal sikkerhetsmyndighet, NSM) published updated Cryptographic Recommendations in March 2025, including guidance on post-quantum cryptography (PQC) migration. The document, available on the NSM website, applies to cryptographic solutions protecting unclassified information and classified information up to the BEGRENSET (restricted) level.
NSM recommends that organizations prepare for quantum computers by creating and implementing a plan for migration to quantum-resistant cryptography. For key encapsulation, Norway recommends ML-KEM-1024 and ML-KEM-768. For digital signatures, the guidance recommends ML-DSA-65, ML-DSA-87, SLH-DSA, and the stateful hash-based signature schemes LMS and XMSS.
According to NSM, information that must remain confidential beyond the early 2030s should be migrated to quantum-resistant mechanisms promptly. The authority stated it expects quantum-vulnerable cryptography to be replaced entirely, and it plans to update the guidance regularly. NSM also directed organizations to maintain a cryptographic inventory and to maintain cryptographic agility to allow rapid algorithm replacement if vulnerabilities are found.