Did You Know: The Internet Is Guarded By These 14 People Holding 7 Keys

It may sound a lot like the stuff of science fiction or LOTR: seven keys, held by individuals from all over the world, that together control security at the core of the web. How? Read on.

Cover image via

This sounds like something out of a Dan Brown book but it isn’t: The whole Internet is actually controlled by 7 physical keys

In a great piece over at The Guardian, the site covers one of the most intriguing security measures taken by the Internet Corporation for Assigned Names and Numbers (ICANN).

ICANN is responsible for assigning numerical Internet addresses to websites and translating them into the normal web addresses that people type into their browsers

For instance, type into your browser and you’ll be taken to Business Insider’s web page. But is easier for people to remember. ICANN maps the numbers with words.

If someone were to gain control of ICANN’s database that person would control the Internet

For instance, the person could send people to fake bank websites instead of real bank websites. On the other hand, if a calamity happened, the ICANN database could need to be rebuilt.
Image via

So ICANN came up with a way to do that without entrusting too much control to any one person

It selected seven people to be key holders and gave each one an actual key to Internet. It selected seven more people to be backup keyholders: 14 people in all.

'Each of the 14 primary keyholders owns a traditional metal key to a safety deposit box, which in turn contains a smartcard, which in turn activates a machine that creates a new master key.'

Image via

The physical keys unlock safety deposit boxes stashed around the world. Inside those boxes are smart keycards. Put the seven smartcards together and you have the “master key.” The master key is really some computer code, a password of sorts, that can access the ICANN database.

The backup keyholders have something a bit different: smartcards that contain a fragment of code needed to build a replacement key-generating machine

Once a year, these shadow holders send the organisation that runs the system – the Internet Corporation for Assigned Names and Numbers (Icann) – a photograph of themselves with that day’s newspaper and their key, to verify that all is well.”

Lynn Lipinski, PR for Icann, signs the official register of the key ceremony.

Image via

Four times a year since 2010 the 7 keyholders meet for the key ceremony where they generate a new master key, i.e. a new password. Here, watch the 2010 key signing ceremony:

Ball was invited to observe one of these ceremonies, which includes more than 100 steps

The security to be admitted to the ceremony is intense, Ball reports, and involves passing through a series of locked doors using key codes and hand scanners, until entering a room so secure that no electronic communications can escape it.

A group at one of the internet's domain name system signing ceremonies.

Image via

“These steps are a strange mix of high-security measures lifted straight from a thriller (keycards, safe combinations, secure cages), coupled with more mundane technical details – a bit of trouble setting up a printer – and occasional bouts of farce,” Ball wrote. “In short, much like the internet itself.”

Other Internet and privacy related stories on SAYS:

You may be interested in: