[robust-cactus]

Another solution - drop numeric phone numbers all together and switch to alphanumeric or verified contact only. With numeric, sequential phone numbers you can just robocall all the numbers until you find a victim. Making the search space significantly larger should solve that attack vector. Of course, this will effectively be the same as transitioning from IPv4 to v6 - with all the same associated pain

It'll help with so many things: - in contact syncing systems you can't rainbow table your way to decrypting numbers - numbers can be permanently burned once they're released or deemed as spam. This means every service could ban spammers safely without fear of burning a real user. - people could more easily have alt numbers, non-voip numbers for untrusted services.

[hannofcart]

I don't think the scammers are using sequential iteration over numbers. I suppose it's more efficient to just call numbers exposed in a data breach.

Your suggestion won't help circumvent that. I think.

[robust-cactus]

Fair, but you could throw away numbers more easily in this situation due to data breaches. You could also "update trusted parties" with a new improved scheme overall.