Slashdot Mirror


The Canadian Who Holds the Key To the Internet

drbutts writes "The Toronto Star has an interesting story on how they are securing DNS: 'It's housed in two high-security facilities separated by the North American landmass. The one authenticated map of the Internet. Were it to be lost — either through a catastrophic physical or cyber attack — it could be recreated by seven individuals spread around the globe. One of them is Ottawa's Norm Ritchie. Ritchie was recently chosen to hold one of seven smartcards that can rebuild the root key that underpins this system' called DNSSEC (Domain Name System Security Extensions). In essence, these seven can rebuild the architecture that allows users to know for certain where they are and where they are going when navigating the Web."

4 of 199 comments

  1. Re:Really two different halves by joeflies · Score: 5, Informative

    The article does state that you need 5 of 7 to restore.

  2. Re:Really two different halves by XanC · Score: 4, Informative

    Looks like you're right; they appear to be using an implementation of Shamir's Secret Sharing.

  3. Re:Not good by nacturation · Score: 5, Informative

    The internet is supposed to be able to repair itself. You know, route around damage and stuff?

    The internet will continue to work fine. This only impacts DNSSEC and the ability to rebuild based on the private key distributed on those smartcards. If all 7 get assassinated and their smart cards hacked to bits with no backups, we can still revert to plain old DNS.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  4. Re:Really two different halves by d3vi1 · Score: 4, Informative

    Nope. It's common practice in the PKI world to use an HSM which calculates the private key upon startup. The key is not stored anywhere. It's calculated when you start the HSM. It's a function with 7 intersection points with the X axis. Knowing any 4 of the 7 intersection points is enough to calculate the function parameter. That in turn is the actual private key.

    RAID has nothing to do with this. The HSMs operate under the presumption that the safest guard for the private key is not to have it at all, encrypted or not. You calculate it only when needed. If the HSM goes down you need a new key migration ceremony in a worst case scenario, and in the best case scenario, just the administrator and operator smart cards to unlock the security world.

    This is what is being done at any public CA installed in your browser and at any Publicly signed Enterprise CA.

    --
    UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever ones.