Each smart card contains a portions of the DNSSEC root key, which would be necessary to reboot the Internet as we know it if connections were severed to stem a cyber attack.
SHARE

You may have heard the rumor that swirled briefly last month about an Internet “kill switch” that could power down the Web in the case of a critical cyber attack. Those rumors turned out to be largely overblown, but it turns out there are now seven individuals out there holding keys to the Internet. In the aftermath of a cataclysmic cyber attack, these members of a “chain of trust” will be responsible for rebooting the Web.

The seven members of this holy order of cyber security hail from around the world and recently received their keys while locked deep in a U.S. bunker. But the team isn’t military in nature. The Internet safety program is overseen by the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit watchdog group that has access to a security system designed to protect users from cyber fraud and cyber attacks.

Part of ICANN’s security scheme is the Domain Name System Security, a security protocol that ensures Web sites are registered and “signed” (this is the security measure built into the Web that ensures when you go to a URL you arrive at a real site and not an identical pirate site). Most major servers are a part of DNSSEC, as it’s known, and during a major international attack, the system might sever connections between important servers to contain the damage.

A minimum of five of the seven keyholders – one each from Britain, the U.S., Burkina Faso, Trinidad and Tobago, Canada, China, and the Czech Republic – would have to converge at a U.S. base with their keys to restart the system and connect eveything once again. We’re imagining a large medieval chamber filled with techno-religious imagery where these knights cyber must simultaneously turn hybrid thumb drive/skeleton keys in a massive router, filling the room with the blinking light of connectivity.

In reality, it’s not so dramatic. The keys are actually smartcards that each contain parts of the DNSSEC root key, which could be thought of as the master key to the whole scheme. But it is interesting to know that there is a group of individuals out there that hold actual, physical keys that would reboot the Internet as we know it. Find out more about these cryptographic keys and how/why they’re made here.

BBC

Security