Nyheter

Sweden and cryptology

Published: Jul 14, 2026
Kryptologins historia 2

Sweden has a long and proud history in cryptology. From the worlds oldest mechanical cipher machine to the breaking of German codes during the Second World War, Swedens heritage in the field stretches back further than most people realise.

Few people know that the world's first mechanical cipher machine was Swedish. In 1786, Baron Fredrik Gripenstierna presented the invention to Gustav III. The secret message was set in plaintext on one side, while the encrypted text appeared on the other, where it was written down by a secretary who never saw the contents of the original message. The machine also featured a mechanical lock that prevented unauthorised access to its cipher functions. No further copies of the prototype were ever made, and it is lost today, but the records of the invention are preserved in the Swedish National Archives.

Cryptology during the Second World War

During the Second World War, Sweden faced one of its most critical cryptological tests. The Germans used a device called the Geheimschreiber, or G-writer, for encrypted communication between their occupied territories in Norway and Denmark. The messages were sent via the Swedish telephone network, which, unbeknownst to the Germans, gave Sweden access to the traffic. The machines were colloquially known as appar, short for apparater (devices). The word predates, and is unrelated to, the "apps" we know today.

It was the mathematician Arne Beurling who succeeded in breaking the encryption and making the traffic readable for Swedish analysts. The work was carried out under great secrecy and meant that, for a period, Sweden was able to read German military communications in plaintext. 

But the capability also created an ethical dilemma. Once it became known what was about to happen, the question arose of whether one could act on the information, or whether doing so risked revealing that the encryption had been broken and thereby losing the entire capability. The solution was to construct alternative explanations for how the information had been obtained, such as aircraft having observed movements that justified the action taken.

– It was a constant balancing act. If you acted too plainly on the information, you risked the other side realising that their cipher had been cracked and switching systems, says Jens Bohlin, CEO of Tutus.

The intelligence work built up during this period laid the foundation for what is today the FRA, the Swedish National Defence Radio Establishment.

A trusted cipher nation within the EU

One of the explanations for Swedens strong position in cryptology is the long-standing collaboration between the state, academia and industry. It is a model that has made it possible to combine theoretical excellence with practical application and government requirements.

Today, Sweden is one of five EU countries that form part of AQUA, the Appropriately Qualified Authority, a body for second-party review of cryptographic products within the EU. The other countries are Germany, France, the Netherlands and Italy.

The implication is concrete: if a country wants a cryptographic product approved to protect EU-classified information, it requires both national approval from a member state and an independent second-party review by one of the AQUA countries. Sweden's membership of this group is a testament to the trust and expertise built up over a long period.

– It's something of a feather in Swedens cap, says Jens.

This is reflected in the results, too. Several Swedish companies now have products approved to protect EU-classified information, something that demands both high technical quality and established trust among the reviewing authorities.

NATO and quantum-safe algorithms

With Swedens accession to NATO, ambitions have risen further. There is a stated desire for Sweden to be able to deliver cryptographic solutions for use by other NATO countries as well.

At the same time, Sweden continues to build expertise at the academic frontier. In collaboration between academia and the armed forces, research is now being conducted into quantum-safe cryptographic algorithms, a field concerned with preparing cryptographic systems for a future in which quantum computers could threaten today's encryption. It is a fast-moving area, and Sweden is at the forefront.

From Gustav III's cipher machine in the eighteenth century to quantum-safe algorithms in the twenty-first, Sweden has consistently been at the leading edge of cryptology's development. At a time when the threats to digital communication are growing ever more sophisticated, cryptological capability matters more than ever. With one foot in the EU, one in NATO and a strong academic tradition, Sweden is well placed to continue playing a central role in the work of protecting information, both nationally and internationally.

Want to learn more about Sweden's history in cryptology? 

Read our article about Arne Pierrou, the man behind the PUD cipher machine.

Click here to read the article.

Linked In 9

About Jens

Jens Bohlin has been CEO of Tutus since 2009 and has a long background in cryptology and information security. He has previously worked as a technical cryptologist at both MUST and FRA, as well as at the Ministry for Foreign Affairs on joint initiatives relating to cryptography and secure systems. Jens holds a master's degree in computer science and engineering.

Namnlos design 20

About Tutus

Tutus is a Swedish cybersecurity company providing comprehensive solutions in information and network security, with a particular focus on encryption and secure communication. Since 1992, we have developed advanced solutions for critical societal functions with high security requirements — offering products approved for handling security-classified information up to the level of Restricted at the national level, as well as EU Restricted and NATO Restricted.