CN105188055B - wireless network access method, wireless access point and server - Google Patents

wireless network access method, wireless access point and server Download PDF

Info

Publication number
CN105188055B
CN105188055B CN201510502758.XA CN201510502758A CN105188055B CN 105188055 B CN105188055 B CN 105188055B CN 201510502758 A CN201510502758 A CN 201510502758A CN 105188055 B CN105188055 B CN 105188055B
Authority
CN
China
Prior art keywords
wireless access
access point
terminal
authentication information
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510502758.XA
Other languages
Chinese (zh)
Other versions
CN105188055A (en
Inventor
田新雪
马书惠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201510502758.XA priority Critical patent/CN105188055B/en
Publication of CN105188055A publication Critical patent/CN105188055A/en
Application granted granted Critical
Publication of CN105188055B publication Critical patent/CN105188055B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Abstract

The present invention provides a kind of wireless network access method, wireless access point and server, wherein, wireless network access method includes:After access pin in the wireless access request sent to the terminal received is verified, being returned to terminal allows access information, and terminal iidentification is further included in wireless access request;The first certification request that terminal is sent is received, the first certification request includes random number and terminal iidentification;According to random number and pre-stored root key, the first authentication information is determined;Send the second certification request to server so that server the first authentication information is authenticated in the random number in the second certification request and wireless access point identification it is rear to terminal return authentication as a result, authentication result represents whether wireless access point legal.Ensure safety and the legitimacy of wireless access point, terminal is prevented to be linked into illegal wireless access point, and then prevent illegal wireless access point from the data in terminal can be stolen and be usurped.

Description

Wireless network access method, wireless access point and server
Technical field
The present invention relates to a kind of communication technology more particularly to wireless network access method, wireless access point and servers.
Background technology
With the development of the communication technology, wireless communication technique is more and more widely used to home-use wireless network In.
In the prior art, terminal can ask the wireless access for carrying access pin after wireless network is detected Be sent to wireless access point, wireless access point demonstrate access pin it is correct after, the terminal is allowed to be linked into wireless access In the wireless network of point, terminal establishes wireless connection with wireless access point.
However, as long as wireless access point demonstrates that access pin is correct, and terminal can be with wireless access in the prior art Point establishes connection, so as to which the safety of wireless access point and legitimacy can not ensure, can not prevent whether terminal can be linked into In legal wireless access point, cause illegal wireless access point that the data in terminal can be stolen and be usurped, so as to Economic loss is brought to using the user of the terminal.
Invention content
The present invention provides a kind of wireless network access method, wireless access point and server, to solve the prior art The safety of middle wireless access point and legitimacy can not ensure, can not prevent whether terminal can be linked into legal wireless access In point, cause illegal wireless access point that the data in terminal can be stolen and be usurped, so as to give using the terminal User brings economic loss.
It is an aspect of the present invention to provide a kind of wireless network access method, including:
The wireless access request that terminal is sent is received, the wireless access request includes terminal iidentification and access pin;
The access pin is verified, and after being verified, being returned to the terminal allows access information;
The first certification request that the terminal is sent is received, first certification request includes random number and terminal mark Know;
According to the random number and pre-stored root key, the first authentication information is determined;
To server send the second certification request, second certification request include the terminal iidentification, it is described at random Number, wireless access point identification and first authentication information, so that the server is according to the random number and the nothing Line access point identity first authentication information is authenticated after according to the terminal iidentification to the terminal return authentication As a result, the authentication result represents whether the wireless access point is legal.
Another aspect of the present invention is to provide a kind of wireless network access method, including:
The second certification request that wireless access point is sent is received, wherein, second certification request is the wireless access Random number and pre-stored root key of the point in the first certification request sent according to terminal determine the first authentication information Send later, second certification request include the random number, wireless access point identification, first authentication information with And the terminal iidentification in first certification request;
According to the random number and the wireless access point identification, first authentication information is authenticated;
According to the terminal iidentification to the terminal return authentication as a result, the authentication result represents the wireless access point It is whether legal.
It is another aspect of the present invention to provide a kind of wireless access point, including:
Wireless access request receiving module, for receiving the wireless access request of terminal transmission, the wireless access request Include terminal iidentification and access pin;
Wireless access requests verification module, for being verified to the access pin, and after being verified, to described Terminal, which returns, allows access information;
First certification request receiving module, for receiving the first certification request that the terminal is sent, first certification Request includes random number and terminal iidentification;
First authentication module, for according to the random number and pre-stored root key, determining that the first certification is believed Breath;
Sending module, for sending the second certification request to server, second certification request includes the terminal Mark, the random number, wireless access point identification and first authentication information so that the server according to it is described with Machine number and the wireless access point identification first authentication information is authenticated after according to the terminal iidentification to described Terminal return authentication is as a result, the authentication result represents whether the wireless access point is legal.
It is a further aspect of the present invention to provide a kind of server, including:
Second certification request receiving module, for receiving the second certification request of wireless access point transmission, wherein, described the Two certification requests is random number of the wireless access point in the first certification request sent according to terminal and prestore Root key determine what is sent after the first authentication information, second certification request includes the random number, wireless access Terminal iidentification in point identification, first authentication information and first certification request;
Second authentication module, for according to the random number and the wireless access point identification, believing first certification Breath is authenticated;
Return module, for according to the terminal iidentification to the terminal return authentication as a result, the authentication result represent Whether the wireless access point is legal.
The solution have the advantages that:The wireless access request that terminal is sent is received, wireless access request includes terminal Mark and access pin;Access pin is verified, and after being verified, being returned to terminal allows access information;It receives The first certification request that terminal is sent, the first certification request include random number and terminal iidentification;According to random number and in advance The root key of storage determines the first authentication information;The second certification request is sent to server, the second certification request includes terminal Mark, random number, wireless access point identification and the first authentication information, so that server is according to random number and wireless access point It identifies after being authenticated to the first authentication information according to terminal iidentification to terminal return authentication as a result, authentication result represents wireless Whether access point is legal.It realizes and the safety of wireless access point is authenticated, ensure the safety and conjunction of wireless access point Method prevents terminal to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be in terminal Data are stolen and are usurped, so as to give the problem of bringing economic loss using the user of the terminal.
Description of the drawings
Fig. 1 is the flow chart of wireless network access method that the embodiment of the present invention one provides;
Fig. 2 is the flow chart of wireless network access method provided by Embodiment 2 of the present invention;
Fig. 3 is the structure diagram of wireless access point that the embodiment of the present invention three provides;
Fig. 4 is the structure diagram of server that the embodiment of the present invention four provides.
Specific embodiment
Purpose, technical scheme and advantage to make the embodiment of the present invention are clearer, below in conjunction with the embodiment of the present invention In attached drawing, the technical solution in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is Part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art All other embodiments obtained without making creative work shall fall within the protection scope of the present invention.
Fig. 1 is the flow chart of wireless network access method that the embodiment of the present invention one provides, as shown in Figure 1, the present embodiment Method include:
Step 101 receives the wireless access request that terminal is sent, and wireless access request includes terminal iidentification and accesses close Code.
In the present embodiment, specifically, wireless access point receives taking for terminal transmission by a certain network communication protocol The wireless access of band terminal iidentification and access pin request, for example, wireless access point can be by transmission control protocol/internet Agreement (Transmission Control Protocol/Internet Protocol, abbreviation TCP/IP) receives terminal and sends Wireless access request;Wireless access point can by Wireless Application Protocol (Wireless Application Protocol, Abbreviation WAP) receive the wireless access request that terminal is sent.
Step 102 verifies access pin, and that after being verified being returned to terminal allows access information.
In the present embodiment, it specifically, the access pin during wireless access point asks wireless access is verified, is testing After card access pin is correct, being returned to terminal allows access information, so as to which the terminal be allowed to be linked into the nothing of wireless access point In gauze network.
Step 103 receives the first certification request that terminal is sent, and the first certification request includes random number and terminal mark Know.
In the present embodiment, specifically, wireless access point receives the first certification request that terminal is sent, the first certification request In include a random number and terminal iidentification.
Step 104, according to random number and pre-stored root key, determine the first authentication information.
In the present embodiment, specifically, wireless access point is according to the random number that receives and pre-stored wirelessly connects The root key of access point goes to be calculated, and obtains the first authentication information.
Step 105 sends the second certification request to server, and the second certification request includes terminal iidentification, random number, nothing Line access point identity and the first authentication information so that server according to random number and wireless access point identification to the first certification Information be authenticated after according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point whether close Method.
In the present embodiment, specifically, wireless access point sends the second certification request to server, in the second certification request Include wireless access point identification, the first authentication information and terminal iidentification and random number in the first certification request.So as to take Business device can be authenticated the first authentication information to obtain authentication result, certification knot according to random number and wireless access point identification Fruit represents whether wireless access point is legal wireless access point, specifically, if the certification of the first authentication information passes through, To authentication result for wireless access point be legal wireless access point, if the certification of the first authentication information does not pass through, obtain Authentication result for wireless access point be not legal wireless access point.Server can be sent out authentication result according to terminal iidentification Give terminal so that terminal determines whether to be connected in the wireless network of wireless access point after receiving authentication result, specifically For, terminal can be mobile phone, and terminal iidentification can be phone number, and server is according to phone number, by authentication result with short The form of letter data packet is sent to mobile phone by short message service carrying platform, so that mobile phone is true according to authentication result is received It is fixed whether to be connected in wireless access point, if it is legal wireless access that the authentication result that mobile phone receives, which is wireless access point, Point, then mobile phone may be coupled in the wireless network of wireless access point, if the authentication result that mobile phone receives is wireless access point It is not legal wireless access point, then mobile phone can be not connected in the wireless network of wireless access point.
After the present embodiment is verified by the access pin in the request of the wireless access that is sent to terminal, receive again eventually Hold the first certification request sent, terminal iidentification further included in wireless access request, the first certification request include random number with Terminal iidentification;According to random number and pre-stored root key, the first authentication information is determined;The second certification is sent to server Request, so that random number and wireless access point identification of the server in the second certification request recognize the first authentication information The backward terminal return authentication of card is as a result, authentication result represents whether wireless access point is legal.So as to be asked to wireless access In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point And legitimacy, terminal is prevented to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be to terminal In data stolen and usurped, so as to bring economic loss using the user of the terminal the problem of.
Further, on the basis of above-described embodiment, algorithm mark is further included in the first certification request, step 104 Specific embodiment, including:
According to random number and pre-stored root key, the first authentication information is determined, including:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to random number and root key using algorithm, determines the first authentication information.
In the present embodiment, specifically, having prestored the algorithm mark of N kinds algorithm and N kind algorithms in wireless access point The correspondence of knowledge, wherein, N is greater than 0 integer.Algorithm mark is also carried in first certification request, wireless access point is true Determine and the corresponding algorithm of algorithm mark;Then, wireless access point use with the corresponding algorithm of algorithm mark, to random number with The root key of the wireless access point stored in advance carries out operation, obtains the first authentication result.The N kinds stored in wireless access point are calculated Method can be hash algorithm scheduling algorithm, and for the type of algorithm, the present invention is not specifically limited.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request, step 105 Specific embodiment, including:
To server send the second certification request so that server use with the algorithm corresponding algorithm of mark to random number with And corresponding with wireless access point identification root key carries out operation and removes to determine the second authentication information, and in the first authentication information and the The legal authentication result of mark wireless access point is returned to terminal according to terminal iidentification when two authentication informations are consistent;
Wherein, root key corresponding with wireless access point identification is deposited for server according to wireless access point identification in advance It is determined in the wireless access point identification of storage and the correspondence of root key.
In the present embodiment, specifically, wireless access point is further comprised into the second certification request that server is sent Algorithm mark in first certification request.Pair of N kinds algorithm algorithm mark corresponding with N kind algorithms has been prestored in server It should be related to, wherein, N is greater than 0 integer, and server determines and the corresponding calculation of algorithm mark according to the algorithm mark received Method;Wireless router mark and the correspondence of root key are also prestored in server, server is wireless according to what is received Access point identity determines root key corresponding with wireless access point identification.Server may be used and the corresponding algorithm of algorithm mark To random number and root key corresponding with wireless access point identification carries out operation, determines the second authentication information.Server judges Whether the first authentication information is consistent with the second authentication information, if unanimously, server is according to terminal iidentification to terminal return authentication As a result, the authentication result represents that wireless access point is legal;If inconsistent, server is according to terminal iidentification to terminal return authentication As a result, the authentication result represents that wireless access point is illegal.
Present embodiment by according to using with the corresponding algorithm of algorithm mark to random number and with wireless access point mark Know corresponding root key progress operation to go to determine the second authentication information, and in the first authentication information and consistent the second authentication information The legal authentication result of mark wireless access point is returned to terminal, so as to reasonably demonstrate the legitimacy of wireless access point.
Further, on the basis of above-described embodiment, in step 102 before being verified to wireless access password, It further includes:
Authentication request is sent to terminal according to terminal iidentification, authentication request includes wireless access point identification, So that terminal inquires whether to wireless access point have sent wireless access according to wireless access point identification in request sends record Request;
If the expression for receiving terminal transmission has had sent the authentication response of wireless access request, perform to nothing The step of line access pin is verified.
In the present embodiment, specifically, wireless access point is after the wireless access request of terminal transmission is received, root Terminal iidentification in being asked according to wireless access sends authentication request to terminal, includes wireless access in authentication request Point identification.After terminal receives authentication request, whether once wireless to this inquired in the request transmission record of preservation Access point is transmitted across wireless access request, is transmitted across wireless access request if inquiring to the wireless access point, terminal is to nothing Line access point returns to authentication response, and authentication response represents to have had sent wireless access request.Wireless access point connects The expression for receiving terminal transmission has had sent the authentication response of wireless access request, then can carry out wireless access password The process verified.
Present embodiment by according to terminal iidentification to terminal send authentication request, so as to wireless access is asked into Row verification so that terminal determines whether once to be transmitted across wireless access request to wireless access point, so as to ensure that terminal can connect It is connected in the wireless access point for being transmitted across wireless access request, ensure that terminal actively can go to be connected to wireless access point In.
Fig. 2 is the flow chart of wireless network access method provided by Embodiment 2 of the present invention, as shown in Fig. 2, the present embodiment Method include:
Step 201 receives the second certification request that wireless access point is sent, wherein, the second certification request is wireless access Random number and pre-stored root key of the point in the first certification request sent according to terminal determine the first authentication information It sends later, the second certification request includes random number, wireless access point identification, the first authentication information and the first certification please Terminal iidentification in asking.
In the present embodiment, specifically, wireless access point receives the first certification request that terminal is sent, the first certification request In include random number and terminal iidentification, wireless access point determines that the first certification is believed according to random number and pre-stored root key After breath, the second certification request is sent to server, the second certification request includes wireless access point identification, the first authentication information And the first random number and terminal iidentification in certification request.Server receives the second certification request that wireless access point is sent.
Step 202, according to random number and wireless access point identification, the first authentication information is authenticated.
In the present embodiment, specifically, server is according to the random number and wireless access point identification received, to first Authentication information is authenticated.
Step 203, according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point whether close Method.
In the present embodiment, specifically, server obtains authentication result after being authenticated to the first authentication information, Authentication result represents whether the wireless access point is legal;Authentication result is returned to terminal by server, so that terminal is according to wireless Whether access point is legal, it is determined whether is linked into the wireless network of wireless access point.For example, terminal can be mobile phone, Terminal iidentification can be phone number;Server, can be according to mobile phone after the legal authentication result of wireless access point is obtained Authentication result is sent to mobile phone, so that mobile phone by number in the form of note data packet by short message service carrying platform Determine whether to be connected in wireless access point according to authentication result is received.
The second certification request that the present embodiment is sent by receiving wireless access point, wherein, the second certification request is wireless Random number and pre-stored root key of the access point in the first certification request sent according to terminal determine the first certification It is sent after information;Random number and wireless access point identification in the second certification request carry out the first authentication information Certification, and to terminal return authentication as a result, authentication result represents whether wireless access point legal.So as to be asked to wireless access In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point And legitimacy, terminal is prevented to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be to terminal In data stolen and usurped, so as to bring economic loss using the user of the terminal the problem of.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request, algorithm is identified as It is carried in first certification request, the specific embodiment of step 202, including:
According to wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into Look for root key corresponding with wireless access point identification;
Using with the corresponding algorithm of algorithm mark to random number and root key corresponding with wireless access point identification carry out Operation determines the second authentication information;
Judge whether the first authentication information is consistent with the second authentication information;
It is consistent with the second authentication information in the first authentication information, then it performs and wireless access is returned to terminal according to terminal iidentification The step of putting legal authentication result.
In the present embodiment, specifically, having prestored N kinds algorithm algorithm mark corresponding with N kind algorithms in server The correspondence of knowledge, wherein, N is greater than 0 integer;Wireless router mark and pair of root key are also prestored in server It should be related to.First, server is close in pre-stored wireless access point identification and root according to the wireless access point identification received In the correspondence of key, root key corresponding with wireless access point identification is searched;Then, server is identified according to algorithm, pre- It is determined and the corresponding algorithm of algorithm mark in the correspondence of the N kinds algorithm first stored algorithm mark corresponding with N kind algorithms;Clothes Be engaged in device use with the corresponding algorithm of algorithm mark to random number and root key corresponding with wireless access point identification progress operation, Determine the second authentication information;Server judges whether the first authentication information is consistent with the second authentication information, if unanimously, server According to terminal iidentification to terminal return authentication as a result, the authentication result represents that wireless access point is legal;If inconsistent, server According to terminal iidentification to terminal return authentication as a result, the authentication result represents that wireless access point is illegal.
Present embodiment by using with the corresponding algorithm of algorithm mark to random number and with wireless access point identification pair The root key answered carries out operation, determines the second authentication information, consistent with the second authentication information in the first authentication information, and terminal returns The legal authentication result of wireless access point so that terminal can be linked into legal wireless access point, avoid terminal access After into illegal wireless access point, after being damaged to terminal and bringing economic loss to the user using the terminal Fruit.
Fig. 3 is the structure diagram of wireless access point that the embodiment of the present invention three provides, as shown in figure 3, the present embodiment Wireless access point, including:
Wireless access request receiving module 31, for receiving the wireless access request of terminal transmission, in wireless access request Including terminal iidentification and access pin;
Wireless access requests verification module 32, for being verified to access pin, and after being verified, is returned to terminal Returning allows access information;
First certification request receiving module 33, for receiving the first certification request of terminal transmission, in the first certification request Including random number and terminal iidentification;
First authentication module 34, for according to random number and pre-stored root key, determining the first authentication information;
Sending module 35, for server send the second certification request, the second certification request include terminal iidentification, with Machine number, wireless access point identification and the first authentication information, so that server is according to random number and wireless access point identification pair First authentication information be authenticated after according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point It is whether legal.
Further, on the basis of above-described embodiment, algorithm mark is further included in the first certification request;Correspondingly, the One authentication module 34, is specifically used for:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to random number and root key using algorithm, determines the first authentication information.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request;Correspondingly, hair Module 35 is sent, is specifically used for:
To server send the second certification request so that server use with the algorithm corresponding algorithm of mark to random number with And corresponding with wireless access point identification root key carries out operation and removes to determine the second authentication information, and in the first authentication information and the The legal authentication result of mark wireless access point is returned to terminal according to terminal iidentification when two authentication informations are consistent;
Wherein, root key corresponding with wireless access point identification is deposited for server according to wireless access point identification in advance It is determined in the wireless access point identification of storage and the correspondence of root key.
Further, on the basis of above-described embodiment, wireless access requests verification module 32 is additionally operable to:
Before being verified to access pin, authentication request, authentication are sent to terminal according to terminal iidentification Request includes wireless access point identification so that terminal according to wireless access point identification request send record in inquire whether to Wireless access point has sent wireless access request;
If the expression for receiving terminal transmission has had sent the authentication response of wireless access request, perform to nothing The step of line access pin is verified.
The wireless access point of the present embodiment can perform the wireless network access method of the offer of the embodiment of the present invention one, realize Principle is similar, and details are not described herein again.
After the present embodiment is verified by the access pin in the request of the wireless access that is sent to terminal, receive again eventually Hold the first certification request sent, terminal iidentification further included in wireless access request, the first certification request include random number with Terminal iidentification;According to random number and pre-stored root key, the first authentication information is determined;The second certification is sent to server Request, so that random number and wireless access point identification of the server in the second certification request recognize the first authentication information The backward terminal return authentication of card is as a result, authentication result represents whether wireless access point is legal.So as to be asked to wireless access In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point And legitimacy, terminal is prevented to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be to terminal In data stolen and usurped, so as to bring economic loss using the user of the terminal the problem of.
Fig. 4 is the structure diagram of server that the embodiment of the present invention four provides, as shown in figure 4, the service of the present embodiment Device, including:
Second certification request receiving module 41, for receiving the second certification request of wireless access point transmission, wherein, second Certification request is close for random number and pre-stored piece of the wireless access point in the first certification request sent according to terminal Key determines what the first authentication information was sent later, and the second certification request includes random number, wireless access point identification, the first certification Terminal iidentification in information and the first certification request;
Second authentication module 42, for according to random number and wireless access point identification, being authenticated to the first authentication information;
Return module 43, for according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point It is whether legal.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request, algorithm is identified as It is carried in first certification request;Correspondingly, the second authentication module 42, is specifically used for:
According to wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into Look for root key corresponding with wireless access point identification;
Using with the corresponding algorithm of algorithm mark to random number and root key corresponding with wireless access point identification carry out Operation determines the second authentication information;
Judge whether the first authentication information is consistent with the second authentication information;
It is consistent with the second authentication information in the first authentication information, then it performs and wireless access is returned to terminal according to terminal iidentification The step of putting legal authentication result.
The server of the present embodiment can perform wireless network access method provided by Embodiment 2 of the present invention, realization principle Similar, details are not described herein again.
The second certification request that the present embodiment is sent by receiving wireless access point, wherein, the second certification request is wireless Random number and pre-stored root key of the access point in the first certification request sent according to terminal determine the first certification It is sent after information;Random number and wireless access point identification in the second certification request carry out the first authentication information Certification, and to terminal return authentication as a result, authentication result represents whether wireless access point legal.So as to be asked to wireless access In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point And legitimacy, terminal is prevented to be linked into illegal wireless access point, and then prevent illegal wireless access point can be to end Data in end are stolen and are usurped, and avoid and bring economic loss to the user of using terminal.
One of ordinary skill in the art will appreciate that:Realizing all or part of step of above-mentioned each method embodiment can lead to Program instruction is crossed to the hardware of pass to complete.Aforementioned program can be stored in a computer read/write memory medium.The journey Sequence when being executed, performs the step of including above-mentioned each method embodiment;And aforementioned storage medium includes:ROM, RAM, magnetic disc or The various media that can store program code such as person's CD.
Finally it should be noted that:The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although The present invention is described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that:It still may be used To modify to the technical solution recorded in foregoing embodiments or carry out equivalent replacement to which part technical characteristic; And these modification or replace, do not make to answer technical solution essence be detached from various embodiments of the present invention technical solution spirit and Range.

Claims (12)

1. a kind of wireless network access method, which is characterized in that including:
Wireless access point receives the wireless access request that terminal is sent, and the wireless access request includes terminal iidentification and access Password;
The wireless access point is verified the access pin, and after being verified, and allows to connect to terminal return Enter information;
The wireless access point receives the first certification request that the terminal is sent, and first certification request includes random number And terminal iidentification;
The wireless access point determines the first authentication information according to the random number and pre-stored root key;
The wireless access point sends the second certification request to server, and second certification request includes the terminal mark Knowledge, the random number, wireless access point identification and first authentication information, so that the server is according to the random number And root key corresponding with the wireless access point identification determines the second authentication information, and according to second authentication information pair First authentication information be authenticated after according to the terminal iidentification to the terminal return authentication as a result, the certification knot Fruit represents whether the wireless access point is legal;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification It is determined in the correspondence of pre-stored wireless access point identification and root key.
2. according to the method described in claim 1, it is characterized in that, algorithm mark is further included in first certification request;
Correspondingly, it is described according to the random number and pre-stored root key, determine the first authentication information, including:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to the random number and the root key using the algorithm, determines the first authentication information.
3. according to the method described in claim 2, it is characterized in that, the algorithm mark is further included in second certification request Know;
Correspondingly, described send the second certification request to server, so that the server is according to the random number and the nothing Line access point identity first authentication information is authenticated after according to the terminal iidentification to the terminal return authentication As a result, including:
The second certification request is sent to the server, so that the server uses and the corresponding algorithm pair of algorithm mark The random number and root key corresponding with the wireless access point identification carry out operation and remove to determine the second authentication information, and Mark institute is returned to the terminal according to the terminal iidentification when first authentication information is consistent with second authentication information State the legal authentication result of wireless access point;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification It is determined in the correspondence of pre-stored wireless access point identification and root key.
4. according to any methods of claim 1-3, which is characterized in that described that the wireless access password is verified Before, it further includes:
Authentication request is sent to the terminal according to the terminal iidentification, the authentication request includes described wireless Access point identity, so that whether the terminal is inquired in request sends record to the nothing according to the wireless access point identification Line access point has sent the wireless access request;
If the expression for receiving terminal transmission has had sent the authentication response of the wireless access request, perform to institute State the step of wireless access password is verified.
5. a kind of wireless network access method, which is characterized in that including:
Server receives the second certification request that wireless access point is sent, wherein, second certification request wirelessly connects to be described Random number and pre-stored root key of the access point in the first certification request sent according to terminal determine that the first certification is believed What breath was sent later, second certification request includes the random number, wireless access point identification, first authentication information And the terminal iidentification in first certification request;
The server determines that the second certification is believed according to the random number and root key corresponding with the wireless access point identification Breath, and first authentication information is authenticated according to second authentication information;Wherein with the wireless access point identification Corresponding root key, for the server according to the wireless access point identification in pre-stored wireless access point identification and root It is determined in the correspondence of key;
The server is according to the terminal iidentification to the terminal return authentication as a result, the authentication result represents described wireless Whether access point is legal.
6. according to the method described in claim 5, it is characterized in that, algorithm mark, institute are further included in second certification request It states algorithm and is identified as what is carried in first certification request;
Correspondingly, it is described according to the random number and the wireless access point identification, first authentication information is authenticated, Including:
According to the wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into Look for root key corresponding with the wireless access point identification;
Using with the algorithm corresponding algorithm of mark to the random number and with corresponding of the wireless access point identification Key carries out operation, determines the second authentication information;
Judge whether first authentication information and second authentication information are consistent;
It is consistent with second authentication information in first authentication information, then it performs according to the terminal iidentification to the terminal The step of returning to the wireless access point legal authentication result.
7. a kind of wireless access point, which is characterized in that including:
Wireless access request receiving module for receiving the wireless access request of terminal transmission, is wrapped in the wireless access request Include terminal iidentification and access pin;
Wireless access requests verification module, for being verified to the access pin, and after being verified, to the terminal Returning allows access information;
First certification request receiving module, for receiving the first certification request that the terminal is sent, first certification request Include random number and terminal iidentification;
First authentication module, for according to the random number and pre-stored root key, determining the first authentication information;
Sending module, for server send the second certification request, second certification request include the terminal iidentification, The random number, wireless access point identification and first authentication information so that the server according to the random number with And root key corresponding with the wireless access point identification determines the second authentication information, and according to second authentication information to institute It states after the first authentication information is authenticated according to the terminal iidentification to the terminal return authentication as a result, the authentication result Represent whether the wireless access point is legal;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification It is determined in the correspondence of pre-stored wireless access point identification and root key.
8. wireless access point according to claim 7, which is characterized in that further include algorithm mark in first certification request Know;
Correspondingly, first authentication module, is specifically used for:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to the random number and the root key using the algorithm, determines the first authentication information.
9. wireless access point according to claim 8, which is characterized in that further include the calculation in second certification request Method identifies;
Correspondingly, the sending module, is specifically used for:
The second certification request is sent to the server, so that the server uses and the corresponding algorithm pair of algorithm mark The random number and root key corresponding with the wireless access point identification carry out operation and remove to determine the second authentication information, and Mark institute is returned to the terminal according to the terminal iidentification when first authentication information is consistent with second authentication information State the legal authentication result of wireless access point;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification It is determined in the correspondence of pre-stored wireless access point identification and root key.
10. according to any wireless access point of claim 7-9, which is characterized in that the wireless access requests verification mould Block is additionally operable to:
Before being verified to the access pin, authentication request is sent to the terminal according to the terminal iidentification, The authentication request includes the wireless access point identification, so that the terminal exists according to the wireless access point identification Request sends to inquire in record and whether has sent the wireless access to the wireless access point and ask;
If the expression for receiving terminal transmission has had sent the authentication response of the wireless access request, perform to institute State the step of wireless access password is verified.
11. a kind of server, which is characterized in that including:
Second certification request receiving module, for receiving the second certification request of wireless access point transmission, wherein, described second recognizes Card request is random number and pre-stored piece of the wireless access point in the first certification request sent according to terminal Key determines what the first authentication information was sent later, and second certification request includes the random number, wireless access point mark Know, the terminal iidentification in first authentication information and first certification request;
Second authentication module, for determining second according to the random number and root key corresponding with the wireless access point identification Authentication information, and first authentication information is authenticated according to second authentication information;Wherein with the wireless access The corresponding root key of point identification, for the server according to the wireless access point identification in pre-stored wireless access point mark Know what is determined in the correspondence with root key;
Return module, for according to the terminal iidentification to the terminal return authentication as a result, the authentication result represent described in Whether wireless access point is legal.
12. server according to claim 11, which is characterized in that further include algorithm mark in second certification request Know, the algorithm is identified as what is carried in first certification request;
Correspondingly, second authentication module, is specifically used for:
According to the wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into Look for root key corresponding with the wireless access point identification;
Using with the algorithm corresponding algorithm of mark to the random number and with corresponding of the wireless access point identification Key carries out operation, determines the second authentication information;
Judge whether first authentication information and second authentication information are consistent;
It is consistent with second authentication information in first authentication information, then it performs according to the terminal iidentification to the terminal The step of returning to the wireless access point legal authentication result.
CN201510502758.XA 2015-08-14 2015-08-14 wireless network access method, wireless access point and server Active CN105188055B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510502758.XA CN105188055B (en) 2015-08-14 2015-08-14 wireless network access method, wireless access point and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510502758.XA CN105188055B (en) 2015-08-14 2015-08-14 wireless network access method, wireless access point and server

Publications (2)

Publication Number Publication Date
CN105188055A CN105188055A (en) 2015-12-23
CN105188055B true CN105188055B (en) 2018-06-12

Family

ID=54909845

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510502758.XA Active CN105188055B (en) 2015-08-14 2015-08-14 wireless network access method, wireless access point and server

Country Status (1)

Country Link
CN (1) CN105188055B (en)

Families Citing this family (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105539219B (en) * 2015-12-31 2018-11-06 宇龙计算机通信科技(深圳)有限公司 A kind of condition detection method and device based on safety seat
CN105743657A (en) * 2016-04-07 2016-07-06 福州市鼓楼区智成商标事务所有限公司 Method for preventing hot spot from being illegally used
CN105657702A (en) * 2016-04-07 2016-06-08 中国联合网络通信集团有限公司 Authentication method, authentication system, authentication method of mobile terminal and mobile terminal
CN105916148A (en) * 2016-04-19 2016-08-31 石狮睿纺纺织品贸易有限公司 Garment certified product verification method based on WIFI
CN105871860A (en) * 2016-04-19 2016-08-17 石狮睿纺纺织品贸易有限公司 Method for quality product verification of shoes based on WIFI
CN105761092A (en) * 2016-04-19 2016-07-13 石狮睿纺纺织品贸易有限公司 Method for performing clothing verification through server
CN105743923A (en) * 2016-04-19 2016-07-06 石狮睿纺纺织品贸易有限公司 Method for verifying whether shoes are quality products or not by utilizing mobile phone
CN105916146A (en) * 2016-04-19 2016-08-31 石狮睿纺纺织品贸易有限公司 Method for verifying whether garment product is certified product or not through cellphone
CN105916147A (en) * 2016-04-19 2016-08-31 石狮睿纺纺织品贸易有限公司 Method for shoe verification through server
CN105959941A (en) * 2016-04-21 2016-09-21 林碧琴 Method for providing access point on a high-speed train
CN105959940A (en) * 2016-04-21 2016-09-21 林碧琴 Method for providing WIFI on high-speed train
CN105848142A (en) * 2016-04-21 2016-08-10 林碧琴 Bus mobile WIFI authentication method
CN105873032A (en) * 2016-04-21 2016-08-17 林碧琴 Bus mobile hotspot authentication method
CN107360573B (en) * 2016-05-10 2020-11-27 中兴通讯股份有限公司 Terminal access method and device
CN105873035A (en) * 2016-05-19 2016-08-17 福州市协成智慧科技有限公司 Safe AP (access point) information processing method
CN106060804A (en) * 2016-05-19 2016-10-26 福州市协成智慧科技有限公司 Wireless distance triangulation location method
CN105873034A (en) * 2016-05-19 2016-08-17 徐美琴 Safe hot spot information processing method
CN105873036A (en) * 2016-05-19 2016-08-17 郑建钦 Safe AP (access point) information processing method
CN105898739A (en) * 2016-05-19 2016-08-24 郑建钦 Method for preventing hot spot from being illegally simulated
CN106101058A (en) * 2016-05-19 2016-11-09 郑建钦 A kind of hot information processing method based on Quick Response Code
CN106028328A (en) * 2016-05-19 2016-10-12 徐美琴 NFC-based hotspot authentication method
CN106330947A (en) * 2016-09-06 2017-01-11 西安瀚炬网络科技有限公司 Method and system for recognizing disguised WiFi and system working method
CN106792667B (en) * 2016-12-23 2020-12-18 北京光年无限科技有限公司 Network access authentication method for robot and robot
CN106714175B (en) * 2016-12-30 2020-12-04 哈尔滨安天科技集团股份有限公司 Verification method and system for anti-counterfeiting wifi access point
CN107454595A (en) * 2017-09-28 2017-12-08 上海盈联电信科技有限公司 Authentication method for Commercial Complex wireless connection
CN110324287B (en) * 2018-03-31 2020-10-23 华为技术有限公司 Access authentication method, device and server
CN112702776B (en) * 2020-12-15 2023-03-21 锐捷网络股份有限公司 Method for realizing wireless terminal access to wireless local area network and wireless access point
CN113316142B (en) * 2021-05-21 2022-08-02 中国联合网络通信集团有限公司 Wireless network access method and device
CN113316139B (en) * 2021-05-21 2023-03-21 中国联合网络通信集团有限公司 Wireless network access method and wireless access point
CN113347629A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Method, access point and terminal for providing network access service
CN113316149B (en) * 2021-06-04 2023-05-12 广东电网有限责任公司 Identity security authentication method, device, system, wireless access point and medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1549526A (en) * 2003-05-16 2004-11-24 华为技术有限公司 Method for realizing radio local area network authentication
US7735114B2 (en) * 2003-09-04 2010-06-08 Foundry Networks, Inc. Multiple tiered network security system, method and apparatus using dynamic user policy assignment
CN101867929A (en) * 2010-05-25 2010-10-20 北京星网锐捷网络技术有限公司 Authentication method, system, authentication server and terminal equipment
CN101951590A (en) * 2010-09-03 2011-01-19 中兴通讯股份有限公司 Authentication method, device and system
CN101977383A (en) * 2010-08-03 2011-02-16 北京星网锐捷网络技术有限公司 Authentication processing method, system, client side and server for network access
CN102843682A (en) * 2012-08-20 2012-12-26 中国联合网络通信集团有限公司 Access point authorizing method, device and system
CN103716795A (en) * 2012-10-09 2014-04-09 中兴通讯股份有限公司 Wireless network safe access method, apparatus and system
CN104010310A (en) * 2014-05-21 2014-08-27 中国人民解放军信息工程大学 Heterogeneous network unified authentication method based on physical layer safety

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1549526A (en) * 2003-05-16 2004-11-24 华为技术有限公司 Method for realizing radio local area network authentication
US7735114B2 (en) * 2003-09-04 2010-06-08 Foundry Networks, Inc. Multiple tiered network security system, method and apparatus using dynamic user policy assignment
CN101867929A (en) * 2010-05-25 2010-10-20 北京星网锐捷网络技术有限公司 Authentication method, system, authentication server and terminal equipment
CN101977383A (en) * 2010-08-03 2011-02-16 北京星网锐捷网络技术有限公司 Authentication processing method, system, client side and server for network access
CN101951590A (en) * 2010-09-03 2011-01-19 中兴通讯股份有限公司 Authentication method, device and system
CN102843682A (en) * 2012-08-20 2012-12-26 中国联合网络通信集团有限公司 Access point authorizing method, device and system
CN103716795A (en) * 2012-10-09 2014-04-09 中兴通讯股份有限公司 Wireless network safe access method, apparatus and system
CN104010310A (en) * 2014-05-21 2014-08-27 中国人民解放军信息工程大学 Heterogeneous network unified authentication method based on physical layer safety

Also Published As

Publication number Publication date
CN105188055A (en) 2015-12-23

Similar Documents

Publication Publication Date Title
CN105188055B (en) wireless network access method, wireless access point and server
CN107733852B (en) A kind of auth method and device, electronic equipment
CN104639562B (en) A kind of system of pushing certification and the method for work of equipment
CN105101194B (en) Terminal security authentication method, apparatus and system
CN109525604B (en) Account number binding method and related equipment
CN105262588B (en) Login method, account management server based on dynamic password and mobile terminal
CN102572815B (en) Method, system and device for processing terminal application request
CN103974248B (en) Terminal security guard method in ability open system, apparatus and system
CN103905194B (en) Identity traceability authentication method and system
CN106162517A (en) The management method of a kind of virtual SIM card and system
US20160173473A1 (en) Method for authenticating a user, corresponding server, communications terminal and programs
CN108259164A (en) The identity identifying method and equipment of a kind of internet of things equipment
CN108462710A (en) Authentication authority method, device, certificate server and machine readable storage medium
CN106789841A (en) Method for processing business, terminal, server and system
CN108243176A (en) Data transmission method and device
CN107426235A (en) Purview certification method, apparatus and system based on device-fingerprint
CN109729000B (en) Instant messaging method and device
CN102984335B (en) Dial the identity identifying method of landline telephone, equipment and system
US20230180010A1 (en) Method for securely connecting vehicle and bluetooth key, and bluetooth module and bluetooth key
CN109714769A (en) Information binding method, device, equipment and storage medium
CN107911398A (en) Authentication method, device and the system of identity information
CN107819766A (en) Safety certifying method, system and computer-readable recording medium
CN106911628A (en) A kind of user registers the method and device of application software on the client
CN113438081B (en) Authentication method, device and equipment
CN104009850B (en) A kind of method for authenticating user identity and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant