1. Field of the Invention
The present invention relates to data recovery methods, image processing apparatuses, controller boards, and data recovery programs. Particularly, the invention relates to a data recovery method, an image processing apparatus, a controller board, and a data recovery program as they relate to the recovery of data encrypted with an encryption key.
2. Description of the Related Art
In recent years, there has been an increasing demand for security regarding peripheral devices such as printers, scanners, FAX machines, copiers, and multifunction peripherals (MFP). IEEE P2600 defines security standards with regard to these image processing apparatuses and provides for requirements concerning protection of data saved within a device.
Specifically, in the field of image processing apparatuses, it is necessary to prevent theft or analysis of storage devices in which user data, such as an address book and image information, and security data such as a security log are stored, in order to protect such user data and security data. In one method of protecting such user data and security data stored in a storage device, encryption of certain strength may be employed (see Japanese Laid-Open Patent Application Nos. 2005-158043 and 2004-201038; and WO99/038078, for example).
In another method of protecting user data and security data stored in a storage device, an encryption key may be stored in a Trusted Platform Module (TPM) to prevent its leakage.
In personal computers and workstations, users generally enter their own passwords each time they start up the device. On the other hand, an image processing apparatus such as a multifunction peripheral is typically used by multiple users (or operators), any one of whom may turn on or off the device. In this mode of use of an image processing apparatus, it is not viable to tell the users that they have to enter a password each time they start up even if the purpose is to protect their user data.
In a conventional image processing apparatus, an encryption key for a storage device in which user data and the like are stored is automatically generated, and the encryption key is encrypted with another encryption key stored in a TPM. The encrypted encryption key is then saved in a nonvolatile device, such as a nonvolatile memory on the controller board.
In this conventional image processing apparatus, it is difficult to decode the storage device even if the storage device is stolen.
However, in such a conventional image processing apparatus, if it becomes necessary to replace the controller board due to defective components or the end of life of a component, the user data and the like stored encrypted in the storage device cannot be decrypted.
In practice, it is rare in the case of household appliances such as a multifunction peripheral to replace only those components on the controller board that have failed; more generally, the entire controller board is replaced. Thus, it can be expected that replacement of controller boards frequently occurs in image processing apparatuses. In the case of an image processing apparatus such as a multifunction peripheral, it is inconvenient if the user data and the like cannot be decrypted whenever a controller board is replaced.