keys to the Internet

keys to the Internet

May 04, 2021

 Is it possible to shut down the internet? 



           What if you woke up to an unexpected internet breakdown? Would you able to survive without checking your friend's WhatsApp status or random stuff on Instagram the first thing in the morning? especially during this pandemic time, you need to run your daily life only through the internet. so, without the internet two-third of the world's population can't communicate with each other. I'm sure you can't even think of a second without the internet because the internet has become such an essential part of our lives. 





              There's a group called ICANN-The Internet Corporation for Assigned Names and Numbers. They have handed out seven keys to seven individuals spread across the world, and with those keys, you can shut down and reboot the internet.

Seem interesting😉...These are actually some interesting stuff you can find on the internet when you search "7 people who can turn off the internet", "keys to the internet" and some more keywords relating to the internet breakdown.

Is it possible to shut down the internet? Are these seven people controlling the internet? literally, no one can stop the internet and there are no keys that cause the Internet to function (or not to function).


              The so-called "keys to the Internet” only relate to one function, and even then, they can only be used in extremely narrow circumstances. It is important to understand what these keys do, to see why they do not control the Internet.

               First and foremost, the keys being talked about belonging to just one single part of the Internet – the mechanism for authenticating the data in the domain name system (DNS), called DNSSEC. It is based on a hierarchy of cryptographic keys starting at the root of the DNS. The cryptographic keys for the root of the DNS are managed by ICANN.

                These cryptographic keys are kept in two secure facilities over 4,000 kilometers apart and are protected with multiple layers of physical security such as building guards, cameras, monitored cages, and safes. The innermost layer of physical security is a specialized device called a hardware security module (HSM), which stores the actual cryptographic keys. An HSM resists physical tampering, for example, if someone attempts to open the device or even drops it, the HSM erases all the keys it stores to prevent compromise. ICANN keeps two HSMs at each facility.

                The root zone cryptographic key cannot be used outside an HSM. The system that has been designed to operate an HSM requires many people to be present. Some of these people are technical community members from around the world, known as Trusted Community Representatives, and others are ICANN staff. Each person has a specific role in activating the HSM, which happens in a regular event we call a “key ceremony.”

                 But what if some event rendered the HSMs inoperable (e.g., a catastrophic bug in the firmware)? Even this extremely unlikely scenario needs a recovery plan, so ICANN keeps a backup for each root key, in a highly encrypted form, in a safe at each secure facility. If something happened to all four HSMs, ICANN could buy a new HSM from the same manufacturer and restore the root keys using the backup. In this scenario, our security policy requires additional Trusted Community Representatives to be present to restore the backups that ICANN holds.

                   This is where many of the articles talking about "the keys to the Internet" get the story wrong. The Trusted Community Representatives are each given a physical key (some are metallic, others are smart cards) that is used during a key ceremony. The type of physical key depends on their specific role. Some Trusted Community Representatives are selected as “Cryptographic Officers” that activate HSMs during routine ceremonies. Others are selected as “Recovery Key Share Holders” that activates the backup in the disaster recovery scenario. In both instances, the physical key these representatives hold is only used to activate materials that are stored within the secure facility, and do not contain the root zone’s cryptographic keys. By themselves, and without having access to ICANN’s secure facilities, the keys cannot be used to access the protected root key. For that to happen, the representatives would all have to be inside the secure facility and the safe holding the backup smart cards would have to be open. Unless all the multiple layers of physical security fail, that scenario can only happen during a planned key ceremony.

                   The other problem with the story about the keys is that the Internet is much more than DNSSEC. The Internet consists of many different systems, and the DNS is just one of them. Controlling one aspect of the Internet, such as DNSSEC, does not lead to full control of other aspects...


             And finally, I conclude no one can shut down the internet😁...


About

This is a reference Blog

Subscribe to: Post Comments (Atom)