[humanresolv] Re: Fighting SPIT on a cell phone

"Pars Mutaf" <pars.mutaf@gmail.com> Wed, 09 January 2008 12:36 UTC

Return-path: <humanresolvers-bounces@ietf.org>
Received: from [] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JCaB0-0001e8-Ll; Wed, 09 Jan 2008 07:36:58 -0500
Received: from [] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JCaAz-0001e1-K5 for humanresolvers@ietf.org; Wed, 09 Jan 2008 07:36:57 -0500
Received: from nz-out-0506.google.com ([]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1JCaAy-0005h9-UV for humanresolvers@ietf.org; Wed, 09 Jan 2008 07:36:57 -0500
Received: by nz-out-0506.google.com with SMTP id n1so78325nzf.4 for <humanresolvers@ietf.org>; Wed, 09 Jan 2008 04:36:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=WlZjxdk1+qnuCYoVOJ1KJWYAVRGfyeKeR0qimuCUwxk=; b=V20+shOo1yqpLJP4IY7Ci0YDkL7BwwMElr52L/B8Z1Wrk92fvxmLWSYEqewq755CkrYodkwMJj4CZk3qY6AeunsBsmyRD3hTaZfap+eLiPqN5oxYQQeoy7RlQNyTzEvzpFY7550P5LMsGBxA5mnGkb5WfizJt75XeIxx9dZPjTc=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=fKfy6H+EruhL4v1kCj0AKHjwO6nr7y3qMnbXGlgoYvxa2sP8FA6oMT11UvV84+F5tL+HIV+XsOqOPkEOQuQJqmX+b61nmOzUZ3bskdPsdiKOtUlFLY2sifpHc3/InKwI6x/CF1G59HI9Zr0fmbZhRNKwo7fgWrZbGuYAcQhwD4Y=
Received: by with SMTP id c11mr173299wfh.25.1199882215956; Wed, 09 Jan 2008 04:36:55 -0800 (PST)
Received: by with HTTP; Wed, 9 Jan 2008 04:36:55 -0800 (PST)
Message-ID: <18a603a60801090436x19cc4b09je2fc8a2c77d62ee5@mail.gmail.com>
Date: Wed, 09 Jan 2008 13:36:55 +0100
From: Pars Mutaf <pars.mutaf@gmail.com>
To: humanresolvers@ietf.org
In-Reply-To: <18a603a60801080653v1ced8eefka2d8a30c5846e5be@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <18a603a60801080643h7b62d1e9xb9ed717e486bba35@mail.gmail.com> <18a603a60801080653v1ced8eefka2d8a30c5846e5be@mail.gmail.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 093efd19b5f651b2707595638f6c4003
Subject: [humanresolv] Re: Fighting SPIT on a cell phone
X-BeenThere: humanresolvers@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Pairing cellular hosts <humanresolvers.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/humanresolvers>, <mailto:humanresolvers-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/humanresolvers>
List-Post: <mailto:humanresolvers@ietf.org>
List-Help: <mailto:humanresolvers-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/humanresolvers>, <mailto:humanresolvers-request@ietf.org?subject=subscribe>
Errors-To: humanresolvers-bounces@ietf.org

On Jan 8, 2008 3:53 PM, Pars Mutaf <pars.mutaf@gmail.com> wrote:
> [sorry for cross-posting]
> Hello,
> I want to leave my cell phone number (SIP URI) on a discussion forum, or
> web page, blog, craigslist etc. But wish to avoid SPIT (SPam over Internet
> Telephony). A solution is presented below (with variations called weak,
> strong and indirect).
> Comments are appreciated.
> Regards,
> Pars Mutaf
> 1. Weak solution
> I leave the IP address of my cell phone but not a SIP URI. Interested
> party sends a request to my phone. My phone generates a random SIP URI
> and returns a different SIP URI to each querier.
> If I receive SPIT to the SIP URI 'x', then I can cancel it. Since each
> querier is returned a different SIP URI, legitimate parties can continue
> to call me or send SMS.
> Since the SIP URI 'x' was canceled, a SPITer can request another one
> and still send me SPIT. To avoid this attack, the querier can be requested
> to solve a hard challenge e.g. a CAPTCHA. A SIP URI will be returned only
> after the querier user provided the solution. The difficulty of the CAPTCHA
> can be adaptively tuned by the target host.
> When done, i.e. the desired phone call is received, the target user
> can stop receiving requests to the indicated IP address.
> 2. Strong solution
> I leave the IP address of my phone but not a SIP URI. I want to
> receive phone calls or SMS only from people that I know. Interested party
> sends a request to my phone. My phone displays a message with the
> requester's name e.g.:
>    "Alice Collins requested phone number. Accept? [YES/NO]"
> If I accept, my phone generates a random SIP URI and returns it to the
> querier.
> This solution requires human name certification.
> An attacker can send continuous bogus requests to the target IP
> address and make the target phone continuously display the above message,
> annoying the target user. This attack can be defeated by requesting the
> querier user to solve a hard CAPTCHA before his request can be displayed
> at the target host's screen. The difficulty of the CAPTCHA can be
> adaptively tuned by the target host.
> 3. Indirect solution (using e-mail)
> I leave the IP address of my cell phone and a randomly generated
> e-mail address. The mobile host (cell phone) is its own mail server. The
> mail is routed to the e-mail address at the indicated IP address.
> The querier can send me an e-mail with a brief text explaining why a
> SIP URI is requested. The e-mail content will be limited to several lines,
> reducing space for spam. E-mails containing an URL can be dropped by the
> host since the querier is not supposed to indicate an URL to request a SIP
> URI. Similarly, emails containing an image can also be dropped.

This last solution is different from others in that we don't need a new
protocol or application. I hope we can clarify that, because this solution
is not clear to me.

>From the requestor user's point of view:

We can assume that the target IP address and e-mail address are found
in the form of username@randomIPaddress. The user will click on the
address and the mailer will start automatically.

How the user can know that this e-mail address should not be used for
e-mail but for requesting a SIP URI? A possible solution to this problem
is to pre-define the e-mail subject and body:

<a href="mailto:d9j4flk4@IPaddress?subject=Requesting vCARD&body=EMPTY
MESSAGE. DO NOT EDIT.">e-mail address</a>

Upon receipt of this request my host will know what to do. I.e. it
will generate
a random SIP URI and return it via e-mail. If the SIP URI 'x' is SPITed,
I can cancel it.

The problems I see with this approach:

1. The SPITer can always request another SIP URI and SPIT on it.
There is no challenge e.g. CAPTCHA, client puzzle etc.

2. If available, human name certificate should be attached. I'm not sure
if the target host can do this for the initiator host in a pre-defined
e-mail (as above).

3. The target user may not accept the request of for example John Jackson,
i.e. user approval may be required by some users.

3. Personally, I would also expect that if the target user approves my request
the two hosts automatically establish IPsec security association (I.e. the hosts
get paired).

I would appreciate your comments. Or, if you have alternative ideas please
do not hesitate.


> ==
> Interested folks please subscribe to:
> https://www1.ietf.org/mailman/listinfo/humanresolvers

humanresolvers mailing list