Internet Security Depends on Seven Skeleton Keys Guarded by 14 People

Attacks DDoS to Dyn, a leading provider of DNS, that for a few hours made it impossible that the world could access Twitter, Netflix or Spotify have shown us the importance of DNS in the proper functioning of the network. The Domain Name System become addresses as in understandable numeric IP addresses for computers, which become the master key of Internet technology.

A few weeks ago we learned that the keys to access the computers that control the DNS left of being in power of the United States, and that went on to be controlled exclusively by the ICANN. So ICANN is organism that protects Internet, and as if it were a spy film, does it with 7 keys to access to your main computer that spread among 14 people. The true guardians of the network of networks.

Every three months since 2010, the guardians of the seven keys gather to perform a kind of ritual of security in which updated and verified keys that you allow them to have access to the device that generates all of the master keys of Internet, the keys to access the main database of the ICANN.

And what would happen if someone with bad intentions could access this database of ICANN? Thus basically would have control of the Internet, and could for example send to fraudulent addresses when we write the URL of a web. We can imagine it as a phishing to epic levels, you can write the address of your Bank and that lead you to a fraudulent account that steal credentials.

The ritual of the seven keys

ICANN has seven keys to physical partitioning fourteen people, of which seven are “regular” carriers and seven alternates remain. These keys give access to safety deposit boxes, among them are the cryptographic cards that generate a new SKR (Signed Key Response), which in turn contains new keys that must be distributed over the Internet to ensure DNS systems.

But the process is not as simple as it seems, since before reaching the main computer to generate the new SKR is needed pass a ritual of security. Carriers of the keys have to overcome a series of locked doors with access codes and scanners hands until you reach a locked room so can be electronic, communications in that room is where the keys are updated.

The entire event is scripted, and It is engraved and methodically audited. It is more steps that must follow the participants have been described and distributed among the attendees and participants so anyone can detect that something is being done as it should be. Once finished the whole ceremony is more casual and owners of Internet go dinner at a restaurant.

In an exercise of transparency, ICANN published the scripts for each ceremony and worldwide broadcasts it by streaminga. The next will take place on October 27 and will be especially relevant, since for the first time will be the change of the master encryption key that ensures that going to the web that we have when we come to it from the browser.