The Federal Communications Commission (FCC) estimates robocalls will constitute more than half of all phone calls placed in the U.S. this year. In an effort to end to this, the FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile have lined up behind a new standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using ToKENs and Secure Telephony Identity Revisited) to combat robocalls and caller ID spoofing.
Public key infrastructure (PKI) is the backbone of SHAKEN/STIR, using digital certificates based on common public key cryptography techniques to ensure the calling number of a telephone call has not been spoofed. This session will dive into the SHAKEN/STIR framework and the nuances of implementing and managing keys and certificates. Performance and latency are largely a factor of managing each PKI well.
- Understanding SHAKEN/STIR and its role in combating robocalls
- Strategies for implementing SHAKEN/STIR to optimize performance and minimize latency
- Insights into the many places where SHAKEN/STIR deployments can go wrong
Technical Level: Medium