More than a decade of papers talking about preventing SPIT (SPam over Internet Telephony), yet we still receive spam calls these days. We recover here an old proposal about issuing secret codes to potential callers, which they are to provide on each call-in order to prove legitimacy. As an up-to-date contribution, we suggest an out of band mechanism to exchange and validate those secrets, based on mobile apps and web services, and we leverage TOTP (Time-based One Time Passwords) to improve our recipe. Our goal is to protect mobile subscribers from unwanted calls (not only spam), and at the same time to allow for anonymous calls. Is that feasible?

Authors: Sam (Joel Samper), Aspen Olmsted

Published in: International Conference for Internet Technology and Secured Transactions (ICITST-2021)

• Date of Conference: 7-9 December 2021
• DOI: 10.20533/ICITST.2021.0019
• ISBN: 978-1-913572-39-6
• Conference Location: Virtual (London, UK)