The massive deployment of low-end wireless Internet of things (IoT) devices opens the challenge of finding de-centralized and lightweight alternatives for secret key distribution. A possible solution, coming from the physical layer, is the secret key generation (SKG) from channel state information (CSI) during the channel's coherence time. This work acknowledges the fact that the CSI consists of deterministic (predictable) and stochastic (unpredictable) components, loosely captured through the terms large-scale and small-scale fading, respectively. Hence, keys must be generated using only the random and unpredictable part. To detrend CSI measurements from deterministic components, a simple and lightweight approach based on Kalman filters is proposed and is evaluated using an implementation of the complete SKG protocol (including privacy amplification that is typically missing in many published works). In our study we use a massive multiple input multiple output (mMIMO) orthogonal frequency division multiplexing outdoor measured CSI dataset. The threat model assumes a passive eavesdropper in the vicinity (at 1 meter distance or less) from one of the legitimate nodes and the Kalman filter is parameterized to maximize the achievable key rate.

翻译：低端无线物联网设备的大规模部署带来了寻找去中心化且轻量级的密钥分发替代方案这一挑战。一种可能的解决方案来自物理层，即在信道相干时间内基于信道状态信息进行秘密密钥生成。本文认识到信道状态信息由确定性（可预测）分量和随机性（不可预测）分量共同构成，分别对应通常所说的大尺度衰落与小尺度衰落。因此，密钥必须仅利用随机且不可预测的部分进行生成。为从信道状态信息测量值中去除确定性分量的趋势，本文提出了一种基于卡尔曼滤波器的简单轻量级方法，并通过完整秘密密钥生成协议（包括大多数已发表文献中通常缺失的隐私放大环节）的实现对其进行评估。研究中使用了大规模多输入多输出正交频分复用室外实测信道状态信息数据集。威胁模型假设被动窃听者位于距离合法节点之一1米或更近的邻近区域，并通过参数化卡尔曼滤波器以最大化可实现密钥速率。