Visible to the public HoloPair: Securing Shared Augmented Reality Using Microsoft HoloLens

TitleHoloPair: Securing Shared Augmented Reality Using Microsoft HoloLens
Publication TypeConference Paper
Year of Publication2017
AuthorsSluganovic, Ivo, Serbec, Matej, Derek, Ante, Martinovic, Ivan
Conference NameProceedings of the 33rd Annual Computer Security Applications Conference
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5345-8
Keywordsaugmented reality, Human Behavior, privacy, pubcrawl, resilience, Resiliency, Scalability

Augmented Reality (AR) devices continuously scan their environment in order to naturally overlay virtual objects onto user's view of the physical world. In contrast to Virtual Reality, where one's environment is fully replaced with a virtual one, one of AR's "killer features" is co-located collaboration, in which multiple users interact with the same combination of virtual and real objects. Microsoft recently released HoloLens, the first consumer-ready augmented reality headset that needs no outside markers to achieve precise inside-out spatial mapping, which allows centimeter-scale hologram positioning. However, despite many applications published on the Windows Mixed Reality platform that rely on direct communication between AR devices, there currently exists no implementation or achievable proposal for secure direct pairing of two unassociated headsets. As augmented reality gets into mainstream, this omission exposes current and future users to a range of avoidable attacks. In order to close this real-world gap in both theory and engineering practice, in this paper we design and evaluate HoloPair, a system for secure and usable pairing of two AR headsets. We propose a pairing protocol and build a working prototype to experimentally evaluate its security guarantees, usability, and system performance. By running a user study with a total of 22 participants, we show that the system achieves high rates of attack detection, short pairing times, and a high average usability score. Moreover, in order to make an immediate impact on the wider developer community, we have published the full implementation and source code of our prototype, which is currently under consideration to be included in the official HoloLens development toolkit.

Citation Keysluganovic_holopair:_2017