Long Term Goals
This project fits in the PSTN Transition program in the S2ERC. The PSTN Transition refers to the transition from the legacy, time-domain multiplexed, SS7-signaled voice network to the new, IP packet-switched, SIP-signaled multimedia network.
Ultimately, we would like to see a telecommunications network that is more secure, does a better job at preserving privacy, and is more usable than the network we have today.
Background for Long Term Goals
One of the security issues facing the industry is uncertainty in authoritatively determining who a caller is, particularly with respect to identifying the caller to the called party. Callers with nefarious intent tend to lie about their identity for one of two broad reasons. The first is to convince the called party that they are not who they really are. For example, shady telemarketers that try to skirt the FCC’s telemarketing regulations may use bogus caller identity to entice a called party to answer their call, whereas the called party might reject the call out of hand if they see it is a telemarketer. The second is to convince the called party that they are someone who they are not. For example, a fraudster might use the identity of a credit card provider to get a called party’s personally identifying information. When the called party sees the caller looks like they are calling from their credit card company, they may be lulled into divulging their credentials.
The term for using a fake caller identity is spoofing.
A related issue is ‘robocalling.’ This is where an automated system makes thousands of calls. Some have sophisticated voice interaction and AI back-ends that almost pass the Turing Test (they appear to be live operators). Robocalling has gotten to be such a problem that Congress is holding hearings and introducing bills on the topic. Robocalling is related to spoofing, in that robocallers make many of the spoofed calls.
Spoofing can have very real, physical world consequences. Caller identity is intimately tied into the nation’s public safety system. There are numerous examples of criminals spoofing a target’s caller identity, calling 911, and making the call sound like the target is armed and dangerous. In such a situation, the response may be a SWAT team. The team, expecting the worst, may use tactics such as no-knock entry. The unwitting target, who only knows their home is being invaded, may respond in a way that immediately results in the SWAT team summarily executing the target. Thus, the criminal leverages the public safety system to commit murder by proxy.
Spoofing can have economic impacts. For example, many credit card companies will mail their customers credit cards. One threat they have to deal with is someone stealing the cards from the customer’s mailbox. To mitigate the threat, the card companies have the customer call a telephone number from their phone to say they received the cards. That way, if someone steals their cards, they cannot use them. Unfortunately, if someone steals mail from a mailbox, they also have the name and address of the victim. With that information, they can lookup the victim’s telephone number, spoof it, and activate the card.
Spoofing can have privacy impacts. For example, many voice mail systems present a subscriber menu, instead of the caller interaction (e.g., leave a message), if the voice mail system receives a call from the subscriber’s telephone. The problem is if the subscriber choses to not require a password for message retrieval, which is a common setup for mobile voice mail systems, then anyone who spoofs their telephone number gets immediate access to the victim’s voice messages, address book, and other services offered by that particular system.
Intermediate Term Objectives
The expectation of industry is that since we are in the midst of retiring the copper PSTN and transitioning to an all-IP network, there will not be any appetite for capital investment to address this problem in the legacy network.
The Internet Engineering Task Force is examining secure identity expression in SIP in the Secure Telephone Identity Revisited (STIR) work group. This work group is examining a certificate-based approach to cryptographically tracing asserted identities. There are a number of technical issues to work out, such as how to create a signature over what fields, in order to capture enough to defeat replay attacks yet not so much that the solution is not practical given how carriers really deploy networks.
Other technologies to evaluate include WebTN, iTN, and …
The analysis will evaluate the various proposals and map them to their ability to solve, or not solve, the spoofing and robocalling problems.
Schedule of Major Steps:
Review STIR proposals in the IETF and map those solutions
Produce analysis of proposals
Develop missing technologies and policies
Publications and Research Products:
Study of next generation technologies for calling party identity
Ex parte filing with FCC (optional on mutual agreement)
 See, e.g., H.R. 3670 (113th), Anti-Spoofing Act of 2014, and S. 2787 (2014), Caller ID Scam Prevention Act of 2014.
 This almost happened to a security researcher. See http://krebsonsecurity.com/2013/03/the-world-has-no-room-for-cowards/ for an example.
 See https://datatracker.ietf.org/wg/stir/charter/.