PrimeKey CEO Tomas Gustavsson

How it all began

Nowadays you, me and everyone else uses digital signatures whenever we log into our bank account, show our passport or use a credit card at the shops. This would not be possible without public key cryptography enabling us to communicate securely on an insecure public network (i.e. the Internet).

In the eighties there was a young boy, Tomas Gustavsson, growing up in Handen, a suburb south of Stockholm. Little did he know what the future held.

Tomas quickly developed an interest in computer code, fuelled by films like War Games. He tried a few times to hack into the accounts of his opponents in various computer games. His father bought him membership of the ABC Club, Sweden’s first computer asso­ciation. A lot of the discussions at the ABC Club were about IT security even back then.

But it was not until 1994 that Tomas focused his attention on crypto­graphy. He was already a research assistant at the School of Computer Science at the Royal Institute of Technology (KTH) in Stockholm.

At this time MIT released a standard for public key in­frastructure (PKI) with a central repository in Boston to create, store and distribute digital signatures. Soon though everyone in the cryptographic community realised that it was not viable to have only one certificate authority (CA).

In 2001 Tomas and his team released the very first version of EJBCA, Enterprise Java Beans Certificate Authority. EJBCA is a PKI and CA software package. EJBCA is run by the Swedish company PrimeKey, which holds the copyright to the code base and has grown to become the most widely used PKI in the world today.