Innovation

The Truth About the People with the Keys to the Internet

Overview Articles have often referred to the seven people who hold the keys to the internet and control the web. These cryptosecurity officers protect an integral part of the internet.

When a significant portion of the internet is compromised and must shut down, as it did on October 21 in 2016, an important group of 14 people with highly protected keys hold a ceremony to essentially restart the internet.

Unlike what is rumored about the seven people who control the entire internet, the crypto officers — 14 Trusted Community Representatives and seven Recovery Key Shareholders — protect a single function of the internet, the mechanism for authenticating the data in the domain name system (DNS). A hierarchy of cryptographic keys starting at the root of the DNS keeps the mechanism safe and is managed by the Internet Corporation for Assigned Names and Numbers (ICANN).

With security always top of mind with connected lifestyles, the group of trusted officers prevent — and keep the world safe from — digital disruption.


The Tech Behind the Internet

DNS translates web addresses such as CES.tech into the numerical IP addresses that are necessary for computers to identify those web pages. The technology protecting the DNS —making sure that each typed web address goes to its intended destination, for example — is known as the DNS Security Extensions. This works by adding verifiable chains of trust through private and public cryptographic keys that can be validated to the DNS.

The numbers that make up the private key that secures the whole DNS are held in two distanced, secure facilities behind multiple layers of protection, the innermost of which is a device called a hardware security module (HSM). An HSM can erase all the keys it stores to prevent any compromise.


The Key Ceremony

Not every Trusted Community Representative holds an actual key to an HSM.
In the unlikely event that the HSMs become inoperable, several smartcards activated at the same time can access an HSM securely. Those smartcards are held in other secure boxes whose keys are held by the Trusted Community Representatives.

At least five representatives at the same time must be present at an ICANN facility to access the smart cards in what is called a key ceremony, and then use those smart cards to access an HMS that contains the cryptographic master key to the DNS.

Much of the internet’s function is related to the DNS, and a tremendous amount of traffic can be redirected through access to the root keys. But the internet consists of many different systems, and the DNS is just one of them.

Though the crypto officers can help protect the HSMs and the DNSSEC, their valuable service is for a limited — but crucial — operation.

You May Also Be Interested In ...

Did You Know There Are Three 5G Network Types?

Read more arrow-black

Five 5G and AR/VR Applications That Are Socially Safe

Read more arrow-black
VMD4-CES-PROD-2