But the company and any others that use the VerSecure technology will need a second approval from the Commerce Department to export encryption products built with VerSecure, department spokeswoman Sue Hofer told Reuters.
Formerly known as the International Cryptography Framework, VerSecure offers 128-bit and triple-DES encryption to users running computer applications--limited only by local laws and regulations. Users can choose from limited to very strong cryptography and select whether to activate recovery capabilities, the company said.
Encryption secures digital communications, rendering it unreadable if intercepted. The technology has at been the crux of a U.S. debate with federal criminal investigators asking Congress for access to the "keys" that unlock encrypted data on one side, and consumer groups and industry representatives arguing that such provisions make encryption products useless and constitute an invasion of privacy.
"With VerSecure, HP offers a technology that accommodates the government's policy objectives and still provides users with the kind of encryption they need and want," HP CEO Lewis Platt said in a speech today in the nation's capital.
VerSecure allows the use of key recovery, but it is not required, HP said. Unless a government policy requires key recovery, customers can decide for themselves whether to turn the feature on or off.
The computer maker said it expects the first products, based on VerSecure software developer kits, to ship in the next few months. Export approval for VerSecure came December 24.
In other elements of a wide-ranging encryption announcement, Hewlett-Packard also said it will use encryption hardware from archrival IBM (IBM) as part of its VerSecure. The two giants also said they would cooperate on other elements of KeyWorks, IBM's key recovery technology, and VerSecure, which HP formerly called its International Cryptography Framework.
In addition, HP also said it will use technology from CertCo to set up a certificate authority (CA) and public key infrastructure as part of VerSecure. CAs issue digital certificates to verify the identity of users.