On further thought, the entries in the bloom filter probably also have to be salted and re-hashed. That way an attacker has to salt and hash every phone number and test it against the filter even to get the 10k bogus ones.

Otherwise, there’s little value in putting it in a bloom filter aside from space saving and computation. Salting and rehashing makes the attacker’s job harder. 

 Sending an encrypted phone number is unnecessary in Step 2. This is the interactive protocol you want: https://en.wikipedia.org/wiki/Socialist_millionaire_problem