CN113316141A - Wireless network access method, sharing server and wireless access point - Google Patents

Wireless network access method, sharing server and wireless access point Download PDF

Info

Publication number
CN113316141A
CN113316141A CN202110557789.0A CN202110557789A CN113316141A CN 113316141 A CN113316141 A CN 113316141A CN 202110557789 A CN202110557789 A CN 202110557789A CN 113316141 A CN113316141 A CN 113316141A
Authority
CN
China
Prior art keywords
access point
wireless access
terminal
random number
encryption result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110557789.0A
Other languages
Chinese (zh)
Other versions
CN113316141B (en
Inventor
田新雪
蒙睿
肖征荣
马书惠
杨子文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202110557789.0A priority Critical patent/CN113316141B/en
Publication of CN113316141A publication Critical patent/CN113316141A/en
Application granted granted Critical
Publication of CN113316141B publication Critical patent/CN113316141B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/73Access point logical identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • H04W48/14Access restriction or access information delivery, e.g. discovery data delivery using user query or user detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosure provides a wireless network access method, a sharing server and a wireless access point, wherein the method comprises the following steps: receiving an authentication request sent by a first wireless access point, and acquiring a random number in the authentication request; transmitting a random number to a second wireless access point in response to authenticating the first wireless access point; in response to receiving a first encryption result sent by the first wireless access point and receiving a second encryption result sent by the second wireless access point, determining a comparison result according to the first encryption result and the second encryption result; and sending the comparison result to the first wireless access point so that the first wireless access point determines whether to allow the terminal to access a wireless network corresponding to the first wireless access point according to the comparison result. And a relatively fair mode is adopted to share wifi, so that the communication efficiency is improved, and the user experience is improved.

Description

Wireless network access method, sharing server and wireless access point
Technical Field
The disclosure belongs to the technical field of communication, and particularly relates to a wireless network access method, a sharing server and a wireless access point.
Background
With the development of the darkest technology, wifi (Wireless-Fidelity) is exposed to a great security hole. The vulnerability is named as KRACK (Key Reinstallation attack), the related range is very wide, wifi devices such as all computers, mobile phones and routers are almost affected, a hacker can monitor data communication conducted through network devices accessing wifi, the privacy of the user is stolen, the user client can be hijacked to a phishing hotspot, and flow hijacking, tampering and the like are achieved. Based on WPA2(wifi Protected Access2, second edition of wifi Protected Access) security protocol, an attacker can repeatedly use a disposable key provided when a client device joins in a wifi network, and information exchanged between an Access point and the client device is cracked through the method. This may result in leakage of credit cards, chat information, and passwords. The essence of this vulnerability is that the network is accessed with a shared key that is known to all public, especially in public wifi, resulting in a wireless eavesdropper being able to decrypt even the encrypted wireless signal.
Almost every terminal currently has its own home wifi, or other wifi that can be connected, such as home or business. However, when the terminal moves to a place where the wifi of the terminal can not be covered, the wifi service can not be obtained. Even if a lot of wifi information can be searched, the wifi of its own home may be in an idle state at this time because there is no access authorization. Whether wifi can be mutually used in a relatively just mode, the attributive wifi of the terminal can provide service to the outside, and meanwhile, when the terminal arrives at an other place, the terminal can be safely accessed into wifi of other people to improve communication efficiency, so that the problem which needs to be solved at present is solved urgently.
Disclosure of Invention
In view of the above-mentioned shortcomings in the prior art, the present disclosure provides a wireless network access method, a sharing server and a wireless access point.
As a first aspect of the present disclosure, there is provided a wireless network access method, including:
receiving an authentication request sent by a first wireless access point, and acquiring a random number in the authentication request, wherein the authentication request is sent by the first wireless access point after receiving a connection request sent by a terminal;
responding to the authentication of the first wireless access point, and sending a random number to a second wireless access point, wherein the second wireless access point is a wireless access point to which the terminal belongs;
in response to receiving a first encryption result sent by the first wireless access point and receiving a second encryption result sent by the second wireless access point, determining a comparison result according to the first encryption result and the second encryption result; the first encryption result is generated by encrypting a random number sent by the terminal to the first wireless access point, and the second encryption result is generated by encrypting the random number by the second wireless access point;
and sending the comparison result to the first wireless access point so that the first wireless access point determines whether to allow the terminal to access a wireless network corresponding to the first wireless access point according to the comparison result.
Preferably, the authenticating the first wireless access point comprises:
acquiring a wireless access point identifier in the authentication request;
and responding to the address corresponding to the wireless access point identification queried locally, and determining that the first wireless access point passes authentication.
As a second aspect of the present disclosure, there is provided a wireless network access method, the method including:
responding to a connection request sent by a terminal, generating a random number, and sending an authentication request carrying the random number to a sharing server;
receiving a comparison result sent by a sharing server, wherein the comparison result is obtained by comparing a first encryption result generated by encrypting the random number by the terminal with a second encryption result generated by encrypting the random number by a second wireless access point to which the terminal belongs;
and determining whether the terminal is allowed to access the wireless network corresponding to the first wireless access point or not according to the comparison result.
Preferably, the determining whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result includes:
and in response to determining that the first encryption result is consistent with the second encryption result, determining to allow the terminal to access the wireless network corresponding to the first wireless access point.
Preferably, the method further comprises:
in response to receiving the random number sent by the sharing server, encrypting the random number by using a preset key to obtain a second encryption result;
and sending the second encryption result to the sharing server.
As a third aspect of the present disclosure, there is provided a shared server including:
a receiving module, configured to receive an authentication request sent by a first wireless access point, where the authentication request is sent by the first wireless access point after receiving a connection request sent by a terminal;
an obtaining module, configured to obtain a random number in the authentication request;
a sending module, configured to send a random number to a second wireless access point in response to passing authentication of the first wireless access point, where the second wireless access point is a wireless access point to which the terminal belongs;
the determining module is used for responding to the receiving of a first encryption result sent by the first wireless access point and the receiving of a second encryption result sent by the second wireless access point, and determining a comparison result according to the first encryption result and the second encryption result; the first encryption result is generated by encrypting a random number sent by the terminal to the first wireless access point, and the second encryption result is generated by encrypting the random number by the second wireless access point;
the sending module is further configured to send the comparison result to the first wireless access point, so that the first wireless access point determines whether to allow the terminal to access a wireless network corresponding to the first wireless access point according to the comparison result.
Preferably, in the sending module, the first wireless access point is authenticated, specifically, for passing;
acquiring a wireless access point identifier in the authentication request;
and responding to the address corresponding to the wireless access point identification queried locally, and determining that the first wireless access point passes authentication.
As a fourth aspect of the present disclosure, there is provided a wireless access point, the method comprising:
the generating module is used for responding to a received connection request sent by a terminal and generating a random number;
a sending module, configured to send an authentication request carrying the random number to a shared server;
a receiving module, configured to receive a comparison result sent by a shared server, where the comparison result is obtained by comparing a first encryption result generated by encrypting the random number by the terminal with a second encryption result generated by encrypting the random number by a second wireless access point to which the terminal belongs;
and the determining module is used for determining whether the terminal is allowed to access the wireless network corresponding to the first wireless access point according to the comparison result.
Preferably, the determining module is specifically configured to:
and in response to determining that the first encryption result is consistent with the second encryption result, determining to allow the terminal to access the wireless network corresponding to the first wireless access point.
Preferably, the method further comprises the following steps:
the encryption module is used for responding to the received random number sent by the sharing server and encrypting the random number by using a preset secret key to obtain a second encryption result;
the sending module is further configured to send the second encryption result to the shared server.
In the embodiment of the disclosure, after receiving a connection request sent by a terminal, a first wireless access point sends a random number to a sharing server and the terminal, and after passing authentication of the first wireless access point, the sharing server sends the random number to a second wireless access point. After the sharing server respectively receives a first encryption result of the random number sent by the first wireless access point by the terminal and a second encryption result of the random number sent by the second wireless access point, a comparison result is determined and sent to the first wireless access point. And the first wireless access point determines whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result. Adopt more fair mode sharing wifi, when the terminal removes the unable territory district that covers of home country wifi, can connect others' wifi to the wifi of home country at terminal can externally provide service, improves the utilization ratio of the wifi of home country at terminal, improves communication efficiency, promotes user experience.
Drawings
Fig. 1 is a flowchart of a wireless network access method on a shared server side according to an embodiment of the present disclosure;
fig. 2 is an alternative implementation manner of the authentication of the first wireless access point in step 103 in fig. 1, according to an embodiment of the present disclosure;
fig. 3 is a flowchart of a wireless access method on a wireless access point side according to an embodiment of the present disclosure;
fig. 4 is another flowchart of a wireless access method at a wireless access point side according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a shared server according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of a wireless access point according to an embodiment of the present disclosure.
Detailed Description
For a better understanding of the technical aspects of the present disclosure, reference is made to the following detailed description taken in conjunction with the accompanying drawings.
In order to adopt more fair mode sharing wifi to improve the utilization ratio of the wifi of affiliation at terminal, improve communication efficiency, promote user experience. The disclosure provides a wireless network access method, a sharing server and a wireless access point. The following detailed description is made with reference to the accompanying drawings which respectively illustrate embodiments provided by the present disclosure.
In the initial stage, a sharing server is constructed, all wifi willing to be shared are written into the sharing server, and all terminals added into the sharing server are allowed to normally access other wifi in the sharing service. Each terminal has its own home wireless access point (i.e., the second wireless access point in the embodiment of the present disclosure), for example, homewifi (home wifi), and has a shared preset key with the home second wireless access point, and each terminal can normally access the wireless network of its own home second wireless access point. The second wireless access point to which each terminal belongs sends the wireless access point identifier of itself and a corresponding address (a public network ip (Internet Protocol, Internet Protocol) address) to the sharing server for storage, and the sharing server writes the information into a wifi list in itself after receiving the information. The wireless access point to which the terminal belongs prompts that the terminal has joined the sharing server in an open SSID (Service Set Identifier).
Fig. 1 shows a flowchart of a wireless network access method on a shared server side provided by an embodiment of the present disclosure. The wireless network access method can be applied to a shared server. As shown in fig. 1, the wireless network access method provided in this embodiment includes the following steps.
Step S101, an authentication request sent by a first wireless access point is received. The authentication request is sent by the first wireless access point after receiving the connection request sent by the terminal.
Step S102, obtaining the random number in the authentication request.
Step S103, responding to the first wireless access point being authenticated, and sending a random number to the second wireless access point.
Step S104, in response to receiving the first encryption result sent by the first wireless access point and receiving the second encryption result sent by the second wireless access point, determining a comparison result according to the first encryption result and the second encryption result. The first encryption result is generated by encrypting the random number sent by the terminal to the first wireless access point, and the second encryption result is generated by encrypting the random number by the second wireless access point.
Step S105, sending the comparison result to the first wireless access point, so that the first wireless access point determines whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result.
The first wireless access point is a wireless access point (e.g., visitwife) to which the terminal applies for access, and the second wireless access point is a wireless access point (e.g., homewife) to which the terminal belongs. When the terminal moves to a place which cannot be covered by the second wireless access point, a nearby wireless network is automatically searched, namely the wireless network of the first wireless access point is searched, the terminal sends a connection request to the first wireless access point, the first wireless access point sends an authentication request to the sharing server to request the sharing server to authenticate the first wireless access point, and the first wireless access point is assisted to verify whether the terminal is reliable or not.
According to the wireless network access method provided by the embodiment of the disclosure, after receiving a connection request sent by a terminal, a first wireless access point generates a random number and sends the random number to a sharing server and the terminal respectively, and after the first wireless access point is authenticated by the sharing server, the sharing server sends the random number to a second wireless access point. After the sharing server respectively receives a first encryption result of the random number sent by the first wireless access point by the terminal and a second encryption result of the random number sent by the second wireless access point, a comparison result is determined and sent to the first wireless access point. And the first wireless access point determines whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result. Therefore, the shared server is used for authenticating the first wireless access point and assisting in verifying whether the terminal is reliable or not.
In the embodiment of the disclosure, wifi is shared in a relatively fair manner, when the terminal moves to a region where the wifi of the terminal cannot cover, wifi of other people can be connected, and the wifi of the terminal can provide services externally, so that the utilization rate of the wifi of the terminal is improved, the communication efficiency is improved, and the user experience is improved.
It should be noted that the comparison result includes that the first encryption result is consistent with the second encryption result, or that the first encryption result is inconsistent with the second encryption result.
In a preferred embodiment, when the first wireless access point sends the first encryption result to the shared server, the first wireless access point also sends the terminal name and the access point identifier of the second wireless access point.
Fig. 2 illustrates an alternative implementation manner of the authentication of the first wireless access point in step 103 in fig. 1, which is provided by an embodiment of the present disclosure. Further, as shown in fig. 2, the step S103 of authenticating the first wireless access point includes:
step S201, a wireless access point identifier in the authentication request is obtained.
Step S202, responding to the address corresponding to the wireless access point identification inquired locally, and determining that the first wireless access point passes the authentication.
In steps S201 to S202, when the sharing server locally queries the public network ip address corresponding to the wireless access point identifier in the authentication request, it indicates that the second wireless access point to which the terminal belongs previously stores the corresponding wireless access point identifier and the corresponding public network ip address in the sharing server, and the second wireless access point joins the sharing server and is willing to share wifi of itself. Thus, it is determined that the first wireless access point is authenticated, and then the sharing server may transmit the random number to the second wireless access point.
Fig. 3 shows a flowchart of a wireless access method on a wireless access point side according to an embodiment of the present disclosure. The wireless network access method may be applied to a first wireless access point. As shown in fig. 3, the wireless network access method provided in this embodiment includes the following steps.
Step S301, in response to receiving a connection request sent by a terminal, generates a random number.
Step S302, an authentication request carrying a random number is sent to a sharing server.
Step S303, receiving the comparison result sent by the sharing server.
Step S304, according to the comparison result, whether the terminal is allowed to access the wireless network corresponding to the first wireless access point is determined.
In the wireless network access method provided by the embodiment of the present disclosure, the first wireless access point is a wireless access point (e.g., visitwife) to which the terminal applies for access, and the second wireless access point is a wireless access point (e.g., hometwife) to which the terminal belongs. When the terminal moves to a place which cannot be covered by the second wireless access point, a nearby wireless network is automatically searched, namely the wireless network of the first wireless access point is searched, the terminal sends a connection request to the first wireless access point, the first wireless access point sends an authentication request carrying a random number to the sharing server, the sharing server is requested to authenticate the first wireless access point, and whether the terminal is reliable or not is assisted to be verified. And the first wireless access point receives the comparison result sent by the sharing server, and determines whether the terminal is reliable according to the comparison result, namely whether the terminal is allowed to access the wireless network corresponding to the first wireless access point.
In the embodiment of the disclosure, wifi is shared in a relatively fair manner, when the terminal moves to a region where the wifi of the terminal cannot cover, wifi of other people can be connected, and the wifi of the terminal can provide services externally, so that the utilization rate of the wifi of the terminal is improved, the communication efficiency is improved, and the user experience is improved.
The comparison result is obtained by comparing a first encryption result generated by the terminal for encrypting the random number with a second encryption result generated by the terminal for encrypting the random number by the second radio access point.
In a preferred embodiment, the connection request includes a terminal name and a wireless access point identifier of the second wireless access point. After the first wireless access point generates the random number, the authentication request sent to the sharing server also carries the terminal name and the wireless access point identification of the second wireless access point.
Further, the method is applied to the first wireless access point. The determining whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result (i.e. step S304) includes: and in response to determining that the first encryption result is consistent with the second encryption result, determining to allow the terminal to access the wireless network corresponding to the first wireless access point.
In this step, if it is verified that the first encryption result is consistent with the second encryption result, it is indicated that the terminal is reliable, and the terminal is allowed to access the wireless network corresponding to the first wireless access point.
In the embodiment of the disclosure, if it is verified that a first encryption result obtained by encrypting the random number by the terminal is consistent with a second encryption result obtained by encrypting the random number by the second wireless access point, the terminal is reliable, and the terminal is allowed to access a wireless network corresponding to the first wireless access point according to the comparison result sent by the shared server. The realization adopts more fair mode sharing wifi, when the terminal remove the unable regional district that covers of home country wifi, can connect others' wifi to the wifi of the home country at terminal can externally provide service, improves the utilization ratio of the wifi of the home country at terminal, improves communication efficiency, promotes user experience.
It should be noted that, if it is verified that the first encryption result obtained by encrypting the random number by the terminal is inconsistent with the second encryption result obtained by encrypting the random number by the second wireless access point, it indicates that the terminal is unreliable, and the terminal is not allowed to access the wireless network corresponding to the first wireless access point.
Fig. 4 shows another flowchart of a wireless access method on a wireless access point side according to an embodiment of the present disclosure. Further, the wireless network access method may be applied to a second wireless access point, as shown in fig. 4, the method further includes:
step S401, in response to receiving the random number sent by the shared server, encrypts the random number by using a preset key to obtain a second encryption result.
Step S402, sending the second encryption result to the sharing server.
In steps S401 to S402, the second wireless access point receives the random number sent by the sharing server, encrypts the random number according to a preset algorithm by using a preset key shared with the terminal to obtain a second encryption result, and sends the second encryption result to the sharing server.
It should be noted that, after receiving the random number sent by the first wireless access point, the terminal encrypts the random number according to a preset algorithm by using a preset key shared with the second wireless access point to obtain a first encryption result, and sends the first encryption result to the shared server through the first wireless access point.
Fig. 5 shows a schematic structural diagram of a shared server provided in an embodiment of the present disclosure. Based on the same technical concept as the embodiment corresponding to fig. 1, as shown in fig. 5, the shared server provided by the embodiment of the present disclosure includes the following modules.
A receiving module 11, configured to receive an authentication request sent by a first wireless access point, where the authentication request is sent by the first wireless access point after receiving a connection request sent by a terminal.
An obtaining module 12, configured to obtain the random number in the authentication request.
A sending module 13, configured to send a random number to a second wireless access point in response to passing authentication of the first wireless access point, where the second wireless access point is a wireless access point to which the terminal belongs.
A determining module 14, configured to, in response to receiving a first encryption result sent by the first wireless access point and receiving a second encryption result sent by the second wireless access point, determine a comparison result according to the first encryption result and the second encryption result; the first encryption result is generated by encrypting a random number sent by the terminal to the first wireless access point, and the second encryption result is generated by encrypting the random number by the second wireless access point.
The sending module 13 is further configured to send the comparison result to the first wireless access point, so that the first wireless access point determines whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result.
In some embodiments, the sending module 13 is configured to authenticate the first wireless access point, specifically to pass;
and acquiring the wireless access point identification in the authentication request.
And responding to the address corresponding to the wireless access point identification queried locally, and determining that the first wireless access point passes authentication.
Fig. 6 shows a schematic structural diagram of a wireless access point provided in an embodiment of the present disclosure. Based on the same technical concept as the embodiment corresponding to fig. 3, as shown in fig. 5, the wireless access point provided by the embodiment of the present disclosure includes the following modules.
A generating module 21, configured to generate a random number in response to receiving a connection request sent by a terminal.
A sending module 22, configured to send an authentication request carrying the random number to the shared server.
A receiving module 23, configured to receive a comparison result sent by the shared server, where the comparison result is obtained by comparing a first encryption result generated by encrypting the random number by the terminal with a second encryption result generated by encrypting the random number by a second wireless access point to which the terminal belongs.
A determining module 24, configured to determine whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result.
In some embodiments, the determining module 24 is specifically configured to:
and in response to determining that the first encryption result is consistent with the second encryption result, determining to allow the terminal to access the wireless network corresponding to the first wireless access point.
In some embodiments, the wireless access point further comprises:
and the encryption module is used for responding to the received random number sent by the sharing server and encrypting the random number by using a preset key to obtain a second encryption result.
The sending module 22 is further configured to send the second encryption result to the sharing server.
It is to be understood that the above embodiments are merely exemplary embodiments that are employed to illustrate the principles of the present disclosure, and that the present disclosure is not limited thereto. It will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the disclosure, and these are to be considered as the scope of the disclosure.

Claims (10)

1. A wireless network access method, comprising:
receiving an authentication request sent by a first wireless access point, and acquiring a random number in the authentication request, wherein the authentication request is sent by the first wireless access point after receiving a connection request sent by a terminal;
responding to the authentication of the first wireless access point, and sending the random number to a second wireless access point, wherein the second wireless access point is a wireless access point to which the terminal belongs;
in response to receiving a first encryption result sent by the first wireless access point and receiving a second encryption result sent by the second wireless access point, determining a comparison result according to the first encryption result and the second encryption result; the first encryption result is generated by encrypting a random number sent by the terminal to the first wireless access point, and the second encryption result is generated by encrypting the random number by the second wireless access point;
and sending the comparison result to the first wireless access point so that the first wireless access point determines whether to allow the terminal to access a wireless network corresponding to the first wireless access point according to the comparison result.
2. The wireless network access method of claim 1, wherein the authenticating the first wireless access point comprises:
acquiring a wireless access point identifier in the authentication request;
and responding to the address corresponding to the wireless access point identification queried locally, and determining that the first wireless access point passes authentication.
3. A wireless network access method, the method comprising:
responding to a connection request sent by a terminal, generating a random number, and sending an authentication request carrying the random number to a sharing server;
receiving a comparison result sent by a sharing server, wherein the comparison result is obtained by comparing a first encryption result generated by encrypting the random number by the terminal with a second encryption result generated by encrypting the random number by a second wireless access point to which the terminal belongs;
and determining whether the terminal is allowed to access the wireless network corresponding to the first wireless access point or not according to the comparison result.
4. The method for accessing a wireless network according to claim 3, wherein the determining whether to allow the terminal to access the wireless network corresponding to the first wireless access point according to the comparison result includes:
and in response to determining that the first encryption result is consistent with the second encryption result, determining to allow the terminal to access the wireless network corresponding to the first wireless access point.
5. The wireless network access method of claim 3, wherein the method further comprises:
in response to receiving the random number sent by the sharing server, encrypting the random number by using a preset key to obtain a second encryption result;
and sending the second encryption result to the sharing server.
6. A shared server, comprising:
a receiving module, configured to receive an authentication request sent by a first wireless access point, where the authentication request is sent by the first wireless access point after receiving a connection request sent by a terminal;
an obtaining module, configured to obtain a random number in the authentication request;
a sending module, configured to send the random number to a second wireless access point in response to passing authentication of the first wireless access point, where the second wireless access point is a wireless access point to which the terminal belongs;
the determining module is used for responding to the receiving of a first encryption result sent by the first wireless access point and the receiving of a second encryption result sent by the second wireless access point, and determining a comparison result according to the first encryption result and the second encryption result; the first encryption result is generated by encrypting a random number sent by the terminal to the first wireless access point, and the second encryption result is generated by encrypting the random number by the second wireless access point;
the sending module is further configured to send the comparison result to the first wireless access point, so that the first wireless access point determines whether to allow the terminal to access a wireless network corresponding to the first wireless access point according to the comparison result.
7. The sharing server according to claim 6, wherein the sending module is configured to authenticate the first wireless access point;
acquiring a wireless access point identifier in the authentication request;
and responding to the address corresponding to the wireless access point identification queried locally, and determining that the first wireless access point passes authentication.
8. A wireless access point, the method comprising:
the generating module is used for responding to a received connection request sent by a terminal and generating a random number;
a sending module, configured to send an authentication request carrying the random number to a shared server;
a receiving module, configured to receive a comparison result sent by a shared server, where the comparison result is obtained by comparing a first encryption result generated by encrypting the random number by the terminal with a second encryption result generated by encrypting the random number by a second wireless access point to which the terminal belongs;
and the determining module is used for determining whether the terminal is allowed to access the wireless network corresponding to the first wireless access point according to the comparison result.
9. The wireless access point of claim 8, wherein the determining module is specifically configured to:
and in response to determining that the first encryption result is consistent with the second encryption result, determining to allow the terminal to access the wireless network corresponding to the first wireless access point.
10. The wireless access point of claim 8, further comprising:
the encryption module is used for responding to the received random number sent by the sharing server and encrypting the random number by using a preset secret key to obtain a second encryption result;
the sending module is further configured to send the second encryption result to the shared server.
CN202110557789.0A 2021-05-21 2021-05-21 Wireless network access method, sharing server and wireless access point Active CN113316141B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110557789.0A CN113316141B (en) 2021-05-21 2021-05-21 Wireless network access method, sharing server and wireless access point

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110557789.0A CN113316141B (en) 2021-05-21 2021-05-21 Wireless network access method, sharing server and wireless access point

Publications (2)

Publication Number Publication Date
CN113316141A true CN113316141A (en) 2021-08-27
CN113316141B CN113316141B (en) 2022-11-18

Family

ID=77374075

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110557789.0A Active CN113316141B (en) 2021-05-21 2021-05-21 Wireless network access method, sharing server and wireless access point

Country Status (1)

Country Link
CN (1) CN113316141B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1674539A (en) * 2004-03-25 2005-09-28 联想(北京)有限公司 A method for roaming radio local area network (LAN)
CN105359589A (en) * 2013-07-09 2016-02-24 奥林奇公司 Network architecture enabling a mobile terminal to roam into a wireless local area network
CN107690138A (en) * 2016-08-05 2018-02-13 华为技术有限公司 A kind of method for fast roaming, device, system, access point and movement station
JP2019033458A (en) * 2017-08-09 2019-02-28 Necプラットフォームズ株式会社 Communication device, communication terminal, communication system, communication control method and communication control program
CN110213046A (en) * 2019-05-30 2019-09-06 全链通有限公司 Auth method, equipment and storage medium based on alliance's block chain
CN110519747A (en) * 2018-05-21 2019-11-29 中兴通讯股份有限公司 A kind of loaming method and AP and AP collaborative work controller

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1674539A (en) * 2004-03-25 2005-09-28 联想(北京)有限公司 A method for roaming radio local area network (LAN)
CN105359589A (en) * 2013-07-09 2016-02-24 奥林奇公司 Network architecture enabling a mobile terminal to roam into a wireless local area network
CN107690138A (en) * 2016-08-05 2018-02-13 华为技术有限公司 A kind of method for fast roaming, device, system, access point and movement station
JP2019033458A (en) * 2017-08-09 2019-02-28 Necプラットフォームズ株式会社 Communication device, communication terminal, communication system, communication control method and communication control program
CN110519747A (en) * 2018-05-21 2019-11-29 中兴通讯股份有限公司 A kind of loaming method and AP and AP collaborative work controller
CN110213046A (en) * 2019-05-30 2019-09-06 全链通有限公司 Auth method, equipment and storage medium based on alliance's block chain

Also Published As

Publication number Publication date
CN113316141B (en) 2022-11-18

Similar Documents

Publication Publication Date Title
US11178125B2 (en) Wireless network connection method, wireless access point, server, and system
JP4804983B2 (en) Wireless terminal, authentication device, and program
US7913080B2 (en) Setting information distribution apparatus, method, program, and medium, authentication setting transfer apparatus, method, program, and medium, and setting information reception program
EP2630816B1 (en) Authentication of access terminal identities in roaming networks
KR101438243B1 (en) Sim based authentication
EP2622786B1 (en) Mobile handset identification and communication authentication
US8898453B2 (en) Authentication server and method for granting tokens
EP2384040B1 (en) Authentication server and method for granting tokens
US20060059344A1 (en) Service authentication
CN104469765B (en) Terminal authentication method and apparatus for use in mobile communication system
EP2879421B1 (en) Terminal identity verification and service authentication method, system, and terminal
CN101120569A (en) Remote access system and method for user to remotely access terminal equipment from subscriber terminal
CN109716724A (en) Method and system for dual network authentication of a communication device in communication with a server
JP2005512396A (en) Use of public key pairs at terminals to authenticate and authorize telecommunications subscribers to network providers and business partners
CN113473458B (en) Device access method, data transmission method and computer readable storage medium
JP2007503637A (en) Method, system, authentication server, and gateway for providing credentials
CN102143492B (en) Method for establishing virtual private network (VPN) connection, mobile terminal and server
CN112020716A (en) Remote biometric identification
CN115022850A (en) Authentication method, device, system, electronic equipment and medium for D2D communication
KR102171377B1 (en) Method of login control
CN105873059A (en) Joint identity authentication method and system for power distribution communication wireless private network
CN113316139B (en) Wireless network access method and wireless access point
KR20060094453A (en) Authentication method for pay-per-use service using eap and system thereof
CN113316141B (en) Wireless network access method, sharing server and wireless access point
CN111918292B (en) Access method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant