The internet is still actually controlled by 14 people who hold 7 secret keys
It sounds like something out of a Dan Brown book, but it isn’t. The whole internet is protected by seven highly protected keys, in the hands of 14 people. And in a few days, they are going to hold a historic ritual known as the Root Key Signing Ceremony.
On Friday, October 21st morning, the world got a good reminder as to how important the organization that these people belong to is. A good chunk of the internet went down for a while when hackers managed to throw so much traffic at a company called Dyn, that Dyn’s servers couldn’t take it, and Dyn went down for a while.
Dyn is a major provider of something called the Domain Name System (DNS), a system that translates web addresses, like “businessinsider.com” (easier for humans to remember) into the numerical IP addresses that computers use to identify web pages.
Dyn is just one DNS provider. And while hackers never gained control of its network, the success of hackers to bring it offline for even just a few hours via this so-called “denial of service” attack, shows just how much the internet relies on DNS. This attack briefly brought down sites like Business Insider, Amazon, Twitter, Github, Spotify, and many others.
Upshot: if you control all of DNS, you can control all of the Internet
If someone were to gain control of ICANN’s database, that person would pretty much control the internet. For instance, the person could send people to fake bank websites instead of real bank websites.
DNS at its highest levels is secured by a handful of people around the world, known Crypto Officers.
Every three months since 2010 some, but typically not all, of these people, gather to conduct a highly secure ritual known as a key ceremony, where the keys to the internet’s metaphorical master lock are verified and updated.
The people conducting the ceremony are part of an organization called the Internet Corporation for Assigned Names and Numbers. ICANN is responsible for assigning numerical internet addresses to websites and computers
To protect DNS, ICANN came up with a way of securing it without entrusting too much control to any one person. It selected seven people as key holders and gave each one an actual key to the internet. It selected seven more people to be backup keyholders: 14 people in all. The ceremony requires at least three of them, and their keys, attend each time. Three keys are needed to unlock the actual equipment that protects DNS.