The massive deployment of low-end wireless Internet of things (IoT) devices opens the challenge of finding de-centralized and lightweight alternatives for secret key distribution. A possible solution, coming from the physical layer, is the secret key generation (SKG) from channel state information (CSI) during the channel's coherence time. This work acknowledges the fact that the CSI consists of deterministic (predictable) and stochastic (unpredictable) components, loosely captured through the terms large-scale and small-scale fading, respectively. Hence, keys must be generated using only the random and unpredictable part. To detrend CSI measurements from deterministic components, a simple and lightweight approach based on Kalman filters is proposed and is evaluated using an implementation of the complete SKG protocol (including privacy amplification that is typically missing in many published works). In our study we use a massive multiple input multiple output (mMIMO) orthogonal frequency division multiplexing outdoor measured CSI dataset. The threat model assumes a passive eavesdropper in the vicinity (at 1 meter distance or less) from one of the legitimate nodes and the Kalman filter is parameterized to maximize the achievable key rate.

翻译：低端无线物联网（IoT）设备的大规模部署带来了寻找去中心化、轻量级密钥分发替代方案的挑战。一种源自物理层的可能解决方案是利用信道相干时间内的信道状态信息（CSI）进行密钥生成（SKG）。本研究承认CSI由确定性（可预测）分量和随机性（不可预测）分量组成，分别粗略地对应于大规模衰落和小规模衰落。因此，密钥必须仅使用随机且不可预测的部分生成。为从CSI测量中去除确定性分量的趋势，提出了一种基于卡尔曼滤波的简单轻量级方法，并通过完整的SKG协议实现（包括隐私放大，这在许多已发表工作中常被省略）进行评估。本研究使用了大规模多输入多输出（mMIMO）正交频分复用室外实测CSI数据集。威胁模型假设被动窃听者位于合法节点之一的附近（距离1米或更短），卡尔曼滤波器的参数设置旨在最大化可达密钥速率。