Sigillet History

Sigillet Xpress is based on the ’Sigillet’-algorithm. Some historical facts about the algorithm follow below.

Christer Lindén was one of the owners of SÄKdata. He had previously been responsible for the computer security at the Swedish Defence Computer Centre, Försvarets Datacentral. He was the initiator and the highest responsible for creating Sigillet in cooperation with Bankgirot.

Hans Block started as a mathematician with a lot of experience in crypto-systems. He had been working as project leader at the Swedish Statistical Centre, Statistiska Centralbyrån, where he worked with development of methods for computer security.

The development of Sigillet started in the spring 1977. Hans Block was contracted by SÄKdata where he developed the mathematical principles in the algorithm which Sigillet today is based on.

Sigillet was an algorithm with excellent performance, and still is. Only one CPU-second was needed on an IBM 3033 to process 200.000 characters. Sigillet had many other advantages over other similar methods. You could for instance produce sub-seals and Sigillet could be used for both binary data and ordinary text-data. The interface for text-data was suitable for data-communication, especially between different kinds of computers with different operating-systems. Only the important characters where checked. Sigillet, compared to other similar methods, was specially designed for money-transactions. The algorithm take into consideration that ’0’ is the most frequent used digit and spaces are the most common character.

The boss of Muhammad Ali’s promoter company together with two employees at Wells Fargo Bank embezzled at least 21 million dollars, or 95 million Swedish crowns (SEK), by manipulating money-transactions on magnetic tapes. It was the biggest embezzlement in the history of USA. Nobody knew where the money had gone. Who knows, maybe Mohammad Ali hadn’t become so rich if Wells Fargo Bank had used Sigillet. This event became a major milestone for SÄKdata and Sigillet.

SÄKdata was a company specialized in ADB-security. Bankgirot wanted a risk analyze of their money transactions which was carried out by SÄKdata in the beginning of 1980. Risks were found. It would probably take 12-15 days before manipulated transactions were discovered. 2 billion SEK were processed every day which came in 150-200 tapes or diskettes. 10% of the tapes/diskettes contained probably 25% of the daily amount. A criminal minded programmer could steal an incredible lot of money each day and he or she could do it without risk during 8-10 days.

In February 1981 Bankgirot started to use SÄKdata’s product, called Sigillet, to eliminate the risks with the transaction files.

In 1982 the algorithm was examined cryptologically by the Swedish Division of Communication Security. It was considered to be a good protection against tampering with economic sensitive information.

The banks in Finland bought Sigillet 1982. The Norwegian Bankgirot (BBS) also bought Sigillet. Bankgirot in Denmark tested Sigillet. Banking societies in England, France, Spain and Luxemburg invited their banks to a Sigillet presentation which was carried out in September 1982. The Canadian bank society informed their banks about the algorithm. The Swedish Trade Council, Exportrådet, and local agents started to inform banks in USA about Sigillet.

In 1983 ADB-systems processed money transactions 10-20 times the BNP ( Gross National Product ). Bankgirot handled money transactions to suppliers for 6.000 companies to a yearly amount of 163 billion SEK. Around 200 magnetic tapes or diskettes were received every day, or in other words about 4-5 million SEK per tape/diskette. Postgirot handled 430 billion SEK each year. The international banking system called SWIFT handled 50% of the Swedish export-income and import costs. The total value was 290 billion SEK each year. As a comparison, 500 billion dollars were processed daily by Federal Reserve’s system in USA. The Swedish banking society recommended Sigillet as a standard for Swedish money transactions.

1985 Bankgirot introduced Sigillet on personal computers.

A problem with personal computers was that there was no standard for diskettes. The solution was ”Magic Machine”, a machine from Xitan in England, which could convert diskettes from the most operating-systems such as CP/M, MS-DOS and PC-DOS. It could handle 270 different formats on 3.5, 5 and 8 inches diskettes.

1985 Postgirot also introduced Sigillet on personal computers. The service was called PC-giro and the program was developed by Hogia in Stenungsund. They estimated to have a couple of thousand companies connected to the service within a year. PC-giro saved transactions on diskettes which were sent to Postgirot. It was also possible to send the information by using a modem. The files were of course secured with Sigillet. The cost for PC-giro would be comparable to the cost for ”Företagsdisketten” which was the comparable service from the bank SEB.

1985 Postgirot had about 350 million transactions with the amount of 5500 billion SEK. Money transactions became more and more effective. A problem Postgirot had was that the time they had the money in their ”possession” had been reduced. This was a major problem since 70-75 % of their income was based on the interest of the transactions. In general 20 billion SEK were handled every day which generated an interest income of 4-5 million SEK each day. One percent change was equal to about 100 million reduced or increased income during a year. In the mornings magnetic tapes were delivered from companies containing 600-700 billion SEK yearly. Fortunately the tapes couldn’t be manipulated due to the use of Sigillet.

1986 Postgirot sent around 10.000 letters to its customers and urged them to as soon as possible use Sigillet. 53 million SEK had been stolen during a money transaction that summer.

The insurance companies Skandia and Trygg Hansa reduced their insurance premiums by 10% for companies which protected their money transactions with Sigillet.

Inland Revenue, the English counterpart to Riksskatteverket, bought Sigillet.

Some statistics from 1992.
5.200 Sigillet had been sold.
2.200 Sigillet on personal computers had been sold.
40 Sigillet on mainframes or minicomputers were sold each month.
200 Sigillet on personal computers were sold each month.
60 resellers were selling Sigillet.
4 resellers were selling Sigillet for Tulldata.
Around 40 different versions of Sigillet were available.

Due to recommendation from Bankgirot and Postgirot hundreds of big or middle sized companies started to use Sigillet. Some of them were ABV, Alfa Laval, ASEA, ASG, Astra, Billman, Bofors, DAGAB, Dagens Nyheter, Domänverket, Electrolux, LM Ericsson, FFV, Folksam, Göteborgs Kommun, ICA, Jönköpings Landsting, Kommundata, Korsnäs-Marma, Kristianstads Landsting, Leo, Malmö kommun, Mölnlycke, Nyman & Schultz, OK, OKG, Perstorp, Pressbyrån, PLM, RFV, Rifa, RSV, SAAB-Scania, Samfood, Sandvik, Skania, SL, SJ, SPP, Sv BP, Sv Esso, Shell, Stockholms Kommun, Stockholms Landsting, Televerket, Texaco, Tibnor, Trygg-Hansa, Uppsala Kommun, Umeå Kommun, Vattenfall, Vägverket, Volvo Flygmotor, VPC, Östergötlands Landsting and many more.

Nexus bought parts of SÄKdata 1998, including Sigillet. SÄKdata was at that time a part of Securitas.

Today the algorithm is widely used by the Swedish customs, banks and companies.

Many different versions of Sigillet have been developed during the years to cover different types of computers and different languages. Here follows a list from 1994.
IBM Mainframe MVS – Assembler / Cobol, Honeywell 66 – Assembler, Univac 1100 – Assembler, ICL 1900 – Cobol, DEC 10 – Pascal / APL, Burroughs – Algol, Honeywell Mini 6 – Assembler / Cobol, Bull DPS 7 – Cobol, Ericsson 2500 – Assembler / Cobol, Tandem – TAL, IBM S/38 – Cobol, IBM AS/400 – Cobol, Norsk Data Nord 100/500 – Planc, IBM S/36 – Cobol, IBM PC – Pascal MT / MS Pascal 2, IBM PC – Turbo Pascal, ICL 2900 – Cobol, Wang VS – Cobol, Nixdorf 8870 – Business Basic, DEC/VAX – C, DEC/PDP 11 – Fortran, HP 3000 – Cobol, IBM PC – High C, ICL DRS 500 – C, Unisys S/80 – C, IBM PC – Microsoft C, HP/9000 series – C, Bull BOS II – C, Data General – Cobol AOS/VS / Fortran RMS / Fortran AOS/VS, NCR/IMOS – Cobol, NCR/9400 – Cobol, Burroughs B 1000 / 2000 – Cobol, Siemens B 32000 – Cobol, Prime 50-series – Cobol.

In the end of the 90’s the number of available versions of Sigillet had been reduced to four, namely IBM Mainframe, AS/400, Windows and a C-version for Unix and other platforms. In addition to the four different versions, a COM-version for Windows was introduced 2004 and a Java version was introduced 2006.

Bankgirot had two solutions for securing transaction files, Sigillet which was the recommended solution and an open source algorithm called MAA. In 2006 they announced that the support of MAA would end in the spring 2007. Companies, which had been using MAA, changed to Sigillet. Later also Plusgirot stopped using the MAA algorithm.

Sigillet is an algorithm and requires programming to be integrated in economic systems. Many companies do not have the required programming knowledge to implement the algorithm in their systems. Nexus noticed a demand for a complete program, which could handle transaction files, and could easily be integrated into economic systems without a major programming effort. The result became Sigillet Xpress.

The first version of Sigillet Xpress was available in the summer 2007. It was a result of a cooperation between Nexus and Swedbank. The program could handle transaction files containing Swedbank’s SUS format.

The second version of Sigillet Xpress was available in November 2007. The program had been improved so it could handle transaction files also for Bankgirot and Postgirot. The third version was introduced in the beginning of 2008. Many improvements were done such as better installation, templates and a user interface. Version 4 came in the beginning of 2010. It had support for EDIFACT files used by the Swedish customs.

Verimation was previuosly a part of Nexus but is today a separate company which will continue to develop SigilletXpress to meet future demands such as new transaction-file layouts.