CN113316145B - Wireless network access method, wireless access equipment and terminal equipment - Google Patents

Wireless network access method, wireless access equipment and terminal equipment Download PDF

Info

Publication number
CN113316145B
CN113316145B CN202110557697.2A CN202110557697A CN113316145B CN 113316145 B CN113316145 B CN 113316145B CN 202110557697 A CN202110557697 A CN 202110557697A CN 113316145 B CN113316145 B CN 113316145B
Authority
CN
China
Prior art keywords
wireless access
access
authentication
equipment
authentication information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110557697.2A
Other languages
Chinese (zh)
Other versions
CN113316145A (en
Inventor
田新雪
蒙睿
肖征荣
马书惠
杨子文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202110557697.2A priority Critical patent/CN113316145B/en
Publication of CN113316145A publication Critical patent/CN113316145A/en
Application granted granted Critical
Publication of CN113316145B publication Critical patent/CN113316145B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/73Access point logical identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • H04W48/14Access restriction or access information delivery, e.g. discovery data delivery using user query or user detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a wireless network access method, wireless access equipment and terminal equipment, wherein the method comprises the following steps: when an access request sent by a terminal device is received, acquiring first authentication information carried in the access request and an identifier of a first wireless access device to which the terminal device belongs; broadcasting an access authentication application message carrying time information and first authentication information in a block chain network so that first wireless access equipment can perform access authentication for terminal equipment according to the first authentication information; the time information is the time information when the second wireless access equipment receives the access request; and in response to receiving the authentication passing message broadcast by the first wireless access equipment in the block chain network, determining to allow the terminal equipment to access the second wireless access equipment. The terminal equipment belonging to the first wireless access equipment can be accessed to the second wireless access equipment after leaving the coverage range of the first wireless access equipment.

Description

Wireless network access method, wireless access equipment and terminal equipment
Technical Field
The invention relates to the technical field of block chains, in particular to a wireless network access method, wireless access equipment and terminal equipment.
Background
At present, most households are provided with WiFi (Wireless Fidelity, wireless network) for accessing mobile terminals in a household range, but when a mobile terminal moves to a place which cannot be covered by the household WiFi, wiFi services provided by the household WiFi cannot be obtained, at this time, even if the mobile terminal can search for information of a plurality of WiFi access points, the mobile terminal cannot access the WiFi access points because of no access authorization of the WiFi access points, at this time, the household WiFi may be in an idle state, how to enable the mobile terminal to access other household WiFi after leaving the coverage of the household WiFi, and at the same time, enabling other mobile terminals to access the household WiFi to which the mobile terminal belongs after leaving the coverage of the household WiFi to which the mobile terminal belongs becomes a problem which needs to be solved urgently.
Disclosure of Invention
Therefore, the invention provides a wireless network access method, wireless access equipment and terminal equipment, and aims to solve the problem that in the prior art, the terminal equipment cannot obtain WiFi access service because the terminal equipment leaves the coverage area of the wireless access equipment to which the terminal equipment belongs.
In order to achieve the above object, a first aspect of the present invention provides a wireless network access method, including:
when receiving an access request sent by a terminal device, acquiring first authentication information carried in the access request and an identifier of a first wireless access device to which the terminal device belongs;
broadcasting an access authentication application message carrying time information and the first authentication information in a block chain network, so that the first wireless access equipment can perform access authentication on the terminal equipment according to the first authentication information; the time information is the time information when the second wireless access equipment receives the access request;
in response to receiving an authentication passing message broadcast by the first wireless access device in the blockchain network, determining to allow the terminal device to access the second wireless access device;
when receiving an access authentication application message broadcast by other wireless access equipment in a block chain network, acquiring time information and first authentication information carried in the access authentication application message;
determining second authentication information according to time information and a current codebook carried in an access authentication application message broadcast by the other wireless access equipment in the blockchain network; the current code book is the same as the current code book of the terminal equipment belonging to the wireless access equipment;
and under the condition that the first authentication information and the second authentication information carried in the access authentication application message broadcast by the other wireless access equipment in the blockchain network meet the preset conditions, broadcasting an authentication passing message in the blockchain network.
In some embodiments, the determining second authentication information according to the current codebook and the time information carried in the access authentication application message broadcast by the other wireless access device in the blockchain network includes:
calculating and generating a password serial number according to time information carried in an access authentication application message broadcast by the other wireless access equipment in the block chain network;
and determining that the password information corresponding to the password serial number in the current password book is second authentication information.
In some embodiments, the method further comprises:
and updating the codebook according to a preset updating period.
In order to achieve the above object, a second aspect of the present invention provides a wireless network access method, including:
responding to the first wireless access equipment which the terminal equipment can not access, and determining second wireless access equipment;
and determining first authentication information according to the current time information and the current password, and sending an access request carrying the first authentication information and the identifier of the first wireless access equipment to the second wireless access equipment, so that the second wireless access equipment applies for access authentication of the terminal equipment to the first wireless access equipment according to the first authentication information.
In some embodiments, the determining the first authentication information according to the current time information and the current codebook includes:
calculating and generating a password serial number according to the current time information;
and determining that the password information corresponding to the password serial number in the current password book is first authentication information.
In some embodiments, the method further comprises:
and updating the codebook according to a preset updating period.
In order to achieve the above object, a third aspect of the present invention provides a wireless access apparatus, including:
the receiving module is used for receiving an access request sent by the terminal equipment; and means for receiving an authentication pass message broadcast by the first wireless access device in the blockchain network; the access authentication application message is used for receiving the access authentication application message broadcast by other wireless access equipment in the blockchain network;
an obtaining module, configured to, in response to the receiving module receiving an access request sent by a terminal device, obtain first authentication information carried in the access request and an identifier of a first wireless access device to which the terminal device belongs; the receiving module is used for responding to an access authentication application message broadcasted by other wireless access equipment in the blockchain network, and acquiring time information and first authentication information carried in the access authentication application message;
a broadcast module, configured to broadcast an access authentication application message carrying time information and the first authentication information in the blockchain network, so that the first wireless access device performs access authentication for the terminal device according to the first authentication information; the time information is the time information when the second wireless access equipment receives the access request; the wireless access device is used for broadcasting an authentication passing message in the blockchain network under the condition that the first authentication information and the second authentication information carried in the access authentication application message broadcast by the other wireless access device in the blockchain network meet the preset conditions;
a processing module, configured to determine that the terminal device is allowed to access the second wireless access device in response to the receiving module receiving an authentication passing message broadcast by the first wireless access device in the blockchain network; the second authentication information is determined according to the time information and the current codebook carried in the access authentication application message broadcast by the other wireless access equipment in the blockchain network; and the current code book is the same as the current code book of the terminal equipment belonging to the wireless access equipment.
In some embodiments, the processing module is to:
calculating and generating a password serial number according to time information carried in an access authentication application message broadcast by the other wireless access equipment in the block chain network;
and determining that the password information corresponding to the password serial number in the current password book is second authentication information.
In order to achieve the above object, a fourth aspect of the present invention provides a terminal device, including:
the processing module is used for responding to the first wireless access equipment which the terminal equipment cannot access, and determining second wireless access equipment; the first authentication information is determined according to the current time information and the current password book;
a sending module, configured to send an access request carrying the first authentication information and the identifier of the first wireless access device to the second wireless access device, so that the second wireless access device applies for access authentication for the terminal device to the first wireless access device according to the first authentication information.
In some embodiments, the processing module is to:
calculating and generating a password serial number according to the current time information;
and determining that the password information corresponding to the password serial number in the current password book is first authentication information.
The invention has the following advantages:
in the wireless network access method provided in the embodiment of the present invention, when a terminal device leaves a coverage area of a first wireless access device to which the terminal device belongs, the terminal device cannot be connected to the first wireless access device, an access request carrying first authentication information and an identifier of the first wireless access device may be sent to a second wireless access device, the second wireless access device applies for access authentication for the terminal device to the first wireless access device in a blockchain network according to the first authentication information determined by the terminal device, and when an authentication passing message broadcast by the first wireless access device in the blockchain network is received, it is determined that the terminal device is allowed to access the second wireless access device. The terminal equipment belonging to the first wireless access equipment can be accessed to the second wireless access equipment after leaving the coverage range of the first wireless access equipment.
And after leaving the coverage area of the second wireless access device, the terminal device belonging to the second wireless access device requests to access other wireless access devices, and the other wireless access devices broadcast an access authentication application message in the blockchain network to request the second wireless access device to perform access authentication for the terminal device. When receiving an access authentication application message broadcast by other wireless access equipment in the blockchain network, the second wireless access equipment can acquire time information and first authentication information carried in the access authentication application message, determines second authentication information according to the time information and the current password, and broadcasts an authentication passing message in the blockchain network under the condition that the first authentication information and the second authentication information meet preset conditions so that the other wireless access equipment can determine that the terminal equipment is allowed to access. And realizing that other terminal equipment belonging to the second wireless access equipment can be accessed to other wireless access equipment after leaving the coverage range of the second wireless access equipment.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention.
Fig. 1 is a first flowchart illustrating a wireless network access method of a wireless access device according to embodiment 1 of the present invention;
fig. 2 is a second flowchart illustrating a wireless network access method of a wireless access device according to embodiment 2 of the present invention;
fig. 3 is a schematic flowchart of determining second authentication information by a wireless access device according to embodiment 3 of the present invention;
fig. 4 is a schematic flowchart of a terminal device side wireless network access method according to embodiment 4 of the present invention;
fig. 5 is a schematic flowchart of a terminal device determining first authentication information according to embodiment 5 of the present invention;
fig. 6 is a first schematic structural diagram of a wireless access device according to embodiment 6 of the present invention;
fig. 7 is a schematic structural diagram of a wireless access device according to embodiment 7 of the present invention;
fig. 8 is a first schematic structural diagram of a terminal device according to embodiment 8 of the present invention;
fig. 9 is a schematic structural diagram of a terminal device according to embodiment 9 of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the present invention is further described in detail with reference to the accompanying drawings and the detailed description below.
It is to be understood that the specific embodiments and figures described herein are merely illustrative of the invention and are not limiting of the invention.
It is to be understood that the embodiments and features of the embodiments can be combined with each other without conflict.
It is to be understood that, for the convenience of description, only parts related to the present invention are shown in the drawings of the present invention, and parts not related to the present invention are not shown in the drawings.
It should be understood that each unit and module related in the embodiments of the present invention may correspond to only one physical structure, and may also be composed of multiple physical structures, or multiple units and modules may also be integrated into one physical structure.
It will be understood that, without conflict, the functions, steps, etc. noted in the flowchart and block diagrams of the present invention may occur in an order different from that noted in the figures.
It is to be understood that the flowchart and block diagrams of the present invention illustrate the architecture, functionality, and operation of possible implementations of systems, apparatus, devices and methods according to various embodiments of the present invention. Each block in the flowchart or block diagrams may represent a unit, module, segment, code, or portion thereof, which comprises executable instructions for implementing the specified function(s). Furthermore, each block or combination of blocks in the block diagrams and flowchart illustrations can be implemented by a hardware-based system that performs the specified functions or by a combination of hardware and computer instructions.
It is to be understood that the units and modules involved in the embodiments of the present invention may be implemented by software, and may also be implemented by hardware, for example, the units and modules may be located in a processor.
The wireless network access method provided by the embodiment of the invention can be applied to wireless access equipment and terminals, wherein each wireless access equipment is pre-accessed into a WiFi (wireless fidelity) sharing zone block chain network to become one node, and states that the WiFi sharing zone block chain network is added in an open SSID (Service Set Identifier), such as homewifi @ aaa.
As shown in fig. 1, an embodiment of the present invention provides a wireless network access method, which may be applied to a wireless access device, and the method may include the following steps:
step 11, when receiving an access request sent by the terminal device, acquiring the first authentication information carried in the access request and an identifier of a first wireless access device to which the terminal device belongs.
The access request is sent by the terminal device (hereinafter referred to as M1) to the second wireless access device (hereinafter referred to as visitwifi) after leaving the coverage of the first wireless access device (hereinafter referred to as homewifi) to which the terminal device belongs. The M1 belongs to homewifi, and after the M1 leaves the coverage range of homewifi, the M1 automatically searches WiFi information with @ aaa. The M1 determines first authentication information (RK for short) according to the current time information Tn and the current password book of the M1, sends an access request to visitwifi, and after receiving the access request sent by the M1, the visitwifi acquires the carried RK and homewifi identifiers.
And step 12, broadcasting an access authentication application message carrying time information and first authentication information in the block chain network, so that the first wireless access equipment performs access authentication for the terminal equipment according to the first authentication information.
The time information is the time information when the second wireless access device receives the access request.
It should be noted that since RK is determined by M1 according to the current time information Tn and the current codebook of M1, tn may also be carried in the access request sent by M1 to visitwifi. In the embodiment of the invention, because the error between the time when M1 determines RK and the time when visitfifu receives the access request sent by M1 is extremely small or even negligible, visitfifu can take the time when M1 sends the access request as Tn when Tn is not carried in the access request.
The visitwifi can broadcast an access authentication application message carrying Tn and RK in the blockchain network in a broadcast message mode of private key signature so as to apply for access authentication as M1 to homewifi in the blockchain network.
And step 13, in response to receiving the authentication passing message broadcast by the first wireless access device in the blockchain network, determining that the terminal device is allowed to access the second wireless access device.
The Homewifi responds to an access authentication application message broadcasted by the visitwifi in the blockchain network, a public key of the visitwifi can be obtained by searching a blockchain account book according to an identifier of the visitwifi, a private key signature on the access application message is verified by using the public key of the visitwifi, tn and RK carried in the access application message are obtained after verification is passed, second authentication information (RK ') is determined according to the Tn and a current password book of the Homewifi, whether the RK and the RK ' meet preset conditions or not is determined, and the Homewifi broadcasts an authentication passing message in the blockchain network under the condition that the RK and the RK ' meet the preset conditions is determined.
When an authentication passing message broadcasted by the homewifi in the block chain network is received, the visitwifi can determine that the homewifi passes the M1 access authentication, and then the M1 is allowed to access the visitwifi.
As can be seen from steps 11 to 13, in the wireless network access method provided in the embodiment of the present invention, when a terminal device leaves a coverage area of a first wireless access device to which the terminal device belongs, the terminal device cannot be connected to the first wireless access device, an access request carrying first authentication information and an identifier of the first wireless access device may be sent to a second wireless access device, the second wireless access device applies for access authentication for the terminal device to the first wireless access device in a blockchain network according to the first authentication information determined by the terminal device, and when an authentication passing message broadcast by the first wireless access device in the blockchain network is received, the terminal device is determined to be allowed to access the second wireless access device. The terminal equipment belonging to the first wireless access equipment can be accessed to the second wireless access equipment after leaving the coverage range of the first wireless access equipment.
As shown in fig. 2, the wireless network access method provided in the embodiment of the present invention may further include the following steps:
step 21, when receiving an access authentication application message broadcasted by other wireless access devices in the blockchain network, acquiring the time information and the first authentication information carried in the access authentication application message.
When the wireless access equipment receives the access authentication application message broadcast by other wireless access equipment in the blockchain network, the wireless access equipment indicates that the other wireless access equipment applies for assisting access authentication to the wireless access equipment in the blockchain network. Because the access authentication application message is broadcasted in the blockchain network by the other wireless access devices in a broadcast message mode of private key signature, the wireless access device can search the blockchain account book according to the identification of the other wireless access devices to obtain the public key of the other wireless access devices, verify the private key signature on the access application message by using the public key of the other wireless access devices, and obtain Tn and RK carried in the access authentication application message after the verification is passed.
It should be noted that the access authentication application message may further carry an identifier of the wireless access device or an identifier of a terminal device belonging to the wireless access device, so that the wireless access device determines that the other wireless access device applies for assisted access authentication to the wireless access device.
And step 22, determining second authentication information according to the time information and the current password book carried in the access authentication application message broadcast by other wireless access equipment in the block chain network.
And the current code book is the same as the current code book of the terminal equipment belonging to the wireless access equipment. Since the terminal device and the wireless access device to which the terminal device belongs agree in advance to generate the same codebook and maintain the codebook according to the same rule, the wireless access device and the terminal device to which the wireless access device belongs have the same codebook at any time.
After acquiring Tn and RK carried in the access authentication application message, the wireless access device may determine RK' according to Tn and the current codebook.
And step 23, under the condition that it is determined that the first authentication information and the second authentication information carried in the access authentication application message broadcast by the other wireless access equipment in the blockchain network meet the preset conditions, broadcasting an authentication passing message in the blockchain network.
The first authentication information and the second authentication information satisfying the preset condition may include: the first authentication information and the second authentication information are identical.
Because the terminal device and the wireless access device to which the terminal device belongs have the same codebook at any time, and if the terminal device and the wireless access device to which the terminal device belongs determine the authentication information according to the same time information and the same codebook, respectively, the authentication information determined by the terminal device and the authentication information determined by the wireless access device to which the terminal device belongs are also necessarily the same, when the wireless access device determines that the RK is consistent with the RK', it can be said that the terminal device that determines the RK is the terminal device that belongs to the wireless access device, so that the access authentication applied by the other wireless access device in step 21 is determined to be passed, and at this time, the wireless access device broadcasts an authentication pass message in the block chain network to allow the other wireless access device in step 21 to determine that the terminal device is allowed to access.
It can be seen from steps 21 to 23 that, in the wireless network access method provided in the embodiment of the present invention, after leaving the coverage area of the second wireless access device, the terminal device belonging to the second wireless access device requests to access another wireless access device, and the another wireless access device broadcasts an access authentication application message in the blockchain network to request the second wireless access device to perform access authentication for the terminal device. When receiving an access authentication application message broadcast by other wireless access equipment in the blockchain network, the second wireless access equipment can acquire time information and first authentication information carried in the access authentication application message, determines second authentication information according to the time information and the current password, and broadcasts an authentication passing message in the blockchain network under the condition that the first authentication information and the second authentication information meet preset conditions so that the other wireless access equipment can determine that the terminal equipment is allowed to access. And realizing that other terminal equipment belonging to the second wireless access equipment can be accessed to other wireless access equipment after leaving the coverage range of the second wireless access equipment.
It should be noted that the order of executing steps 11-13 and steps 21-23 is not necessarily related, that is, there is no specific order of execution between steps 11-13 and steps 21-23.
As shown in fig. 3, in some embodiments, the determining the second authentication information according to the time information and the current codebook carried in the access authentication application message broadcast by the other wireless access device in the blockchain network (i.e., step 22) may include the following steps:
step 221, calculating and generating a password serial number according to the time information carried in the access authentication application message broadcast by other wireless access devices in the blockchain network.
The wireless access device may generate a value N according to Tn according to a preset algorithm, and use N as the password number.
Step 222, determining that the password information corresponding to the password serial number in the current password book is the second authentication information.
The wireless access device may use the nth password information in the current password book as the second authentication information.
In some embodiments, the wireless network access method may further include the steps of: and updating the codebook according to a preset updating period.
In order to ensure that the terminal device and the wireless access device to which the terminal device belongs have the same codebook at any time, the terminal device and the wireless access device to which the terminal device belongs need not only to generate the same codebook in advance, but also need to update the codebook according to a preset update period, where the update period may be 5 seconds, 10 seconds, 1 minute, and the like.
As shown in fig. 4, an embodiment of the present invention provides a wireless network access method, which may be applied to a terminal device, where the method includes the following steps:
step 31, responding to the first wireless access device to which the terminal device can not access, determining the second wireless access device.
The M1 belongs to homewifi, and after the M1 leaves the coverage range of homewifi, the M1 automatically searches WiFi information with @ aaa.
And step 32, determining the first authentication information according to the current time information and the current password, and sending an access request carrying the first authentication information and the identifier of the first wireless access device to the second wireless access device.
And the access request is used for the second wireless access equipment to apply the first wireless access equipment for the access authentication of the terminal equipment according to the first authentication information.
And M1 determines RK according to the current time information Tn and the current codebook of M1, and sends an access request carrying RK and homewifi identification to visitwifi.
The Visitwifi responds to the received access request sent by the M1, acquires the RK and homewifi identification carried in the access request, and broadcasts an access authentication application message carrying Tn (time when the visiitwifi receives the access request) and the RK in a block chain network by adopting a broadcast message mode of private key signature.
The Homewifi responds to an access authentication application message broadcasted by the visitwifi in the blockchain network, a blockchain account book can be searched according to the identification of the visitwifi to obtain a public key of the visitwifi, a private key signature on the access application message is verified by using the public key of the visitwifi, tn and RK carried in the access application message are obtained after verification is passed, second authentication information (RK ') is determined according to the current password book of the Tn and the Homewifi, whether the RK and the RK ' meet preset conditions or not is determined, and the Homewifi broadcasts an authentication passing message in the blockchain network under the condition that the RK and the RK ' meet the preset conditions is determined.
When an authentication passing message broadcasted by the homewifi in the block chain network is received, the visitwifi can determine that the homewifi passes the M1 access authentication, and then the M1 is allowed to access the visitwifi.
It can be seen from the foregoing steps 31-32 that, when the terminal device leaves the coverage area of the first wireless access device to which the terminal device belongs, the terminal device cannot be connected to the first wireless access device, an access request carrying the first authentication information and the identifier of the first wireless access device may be sent to the second wireless access device, and the second wireless access device applies for access authentication of the terminal device to the first wireless access device according to the first authentication information determined by the terminal device, so that the terminal device belonging to the first wireless access device can be accessed to the second wireless access device after leaving the coverage area of the first wireless access device, and similarly, other terminal devices belonging to the second wireless access device can also be accessed to other wireless access devices after leaving the coverage area of the second wireless access device.
As shown in fig. 5, in some embodiments, the determining the first authentication information according to the current time information and the current codebook (i.e., step 32) may include the following steps:
and step 41, calculating and generating a password serial number according to the current time information.
M1 can generate a numerical value N according to Tn according to a preset algorithm, and the N is used as a password serial number.
And 42, determining the password information corresponding to the password serial number in the current password book as the first authentication information.
M1 may use nth password information in the current password book as the first authentication information.
In some embodiments, the wireless network access method may further include the steps of: and updating the codebook according to a preset updating period.
In order to ensure that the terminal device and the wireless access device to which the terminal device belongs have the same codebook at any time, the terminal device and the wireless access device to which the terminal device belongs need not only to generate the same codebook in advance by convention, but also need to update the codebook according to a preset update period, where the update period may be 5 seconds, 10 seconds, 1 minute, and the like, and the embodiment of the present invention does not specifically limit this.
The following briefly describes a wireless network access method provided by the present invention with reference to a specific embodiment:
step A1, the mobile terminal M1 belongs to a home WiFi access point homewifi, the M1 and the homewifi agree in advance to generate the same code book, and the code book is agreed to be updated according to the same updating period, for example, the M1 and the homewifi synchronously update the code book every 5 seconds.
Step A2, accessing homewifi and visitwifi into a WiFi sharing block chain network aaa-blockchain to become one of the nodes, and declaring that the device is added into the WiFi sharing block chain network in an open SSID (Service Set Identifier), namely, after adding a suffix name @ aaa-blockchain, the device becomes: blockchain and visitfifi @ aaa.
And step A3, when the M1 leaves the coverage range of homewifi, automatically searching WiFi information with @ aaa. Blockchain in the suffix name, and searching to obtain WiFi information of visitwifi @ aaa. Blockchain.
And step A4, M1 determines first authentication information RK according to the current time information Tn and the current password book, and sends an access request carrying an RK and a homewifi identifier to visitwifi.
Specifically, M1 generates a numerical value N according to Tn by a preset algorithm, takes N as a password serial number, and then takes the Nth password information in the current password book as RK.
And step A5, responding to the received access request sent by the M1 by the visitwifi, and acquiring the RK and homewifi identifiers carried in the visitwifi.
And step A6, broadcasting an access authentication application message carrying Tn and RK in the blockchain network by the visitwifi in a broadcast message mode of private key signature.
Wherein, visitwifi takes the time when the access request sent by M1 is received as Tn.
Step A7, responding to the received access authentication application message broadcasted by the visitwifi in the blockchain network, searching the blockchain account book according to the identifier of the visitwifi to obtain the public key of the visitwifi, verifying the private key signature on the access authentication application message by using the public key of the visitwifi, and obtaining Tn and RK carried in the access authentication application message after the verification is passed.
And step A8, determining second authentication information RK' by homewifi according to Tn and the current codebook.
Specifically, homewifi generates a numerical value N according to Tn by a preset algorithm, the N is used as a password serial number, and then the Nth password information in the current password book is used as RK'.
And step A9, under the condition that the RK is consistent with the RK', the homewifi broadcasts an authentication passing message in the block chain network.
Step A10, the visitwifi determines that the M1 is allowed to access the visitwifi in response to receiving the authentication passing message broadcast by the homewifi in the blockchain network.
To this end, M1 may obtain WiFi access service provided by visitwifi.
Based on the same technical concept, as shown in fig. 6, an embodiment of the present invention further provides a wireless access device, where the wireless access device may include:
a receiving module 101, configured to receive an access request sent by a terminal device; and means for receiving an authentication pass message broadcast by the first wireless access device in the blockchain network; and the access authentication application message is used for receiving the access authentication application message broadcast by other wireless access equipment in the blockchain network.
An obtaining module 102, configured to, in response to the receiving module receiving an access request sent by a terminal device, obtain first authentication information carried in the access request and an identifier of a first wireless access device to which the terminal device belongs; and the receiving module is used for responding to the access authentication application message broadcast by other wireless access equipment in the blockchain network received by the receiving module, and acquiring the time information and the first authentication information carried in the access authentication application message.
A broadcasting module 103, configured to broadcast an access authentication application message carrying time information and the first authentication information in the blockchain network, so that the first wireless access device performs access authentication on the terminal device according to the first authentication information; the time information is the time information when the second wireless access equipment receives the access request; and the authentication passing message is broadcasted in the blockchain network under the condition that the first authentication information and the second authentication information carried in the access authentication application message broadcasted by the other wireless access equipment in the blockchain network meet the preset conditions.
A processing module 104, configured to determine that the terminal device is allowed to access the second wireless access device in response to the receiving module receiving an authentication passing message broadcast by the first wireless access device in the blockchain network; the second authentication information is determined according to the time information and the current password book carried in the access authentication application message broadcast by the other wireless access equipment in the block chain network; and the current code book is the same as the current code book of the terminal equipment belonging to the wireless access equipment.
In some embodiments, the processing module 104 is specifically configured to:
calculating and generating a password serial number according to time information carried in an access authentication application message broadcast by the other wireless access equipment in the block chain network;
and determining that the password information corresponding to the password serial number in the current password book is second authentication information.
In some embodiments, as shown in fig. 7, the wireless access device further includes an updating module 105, where the updating module 105 is configured to update the codebook according to a preset updating period.
Based on the same technical concept, as shown in fig. 8, an embodiment of the present invention further provides a terminal device, where the terminal device may include:
a processing module 201, configured to determine a second wireless access device in response to that a terminal device cannot access a first wireless access device to which the terminal device belongs; the first authentication information is determined according to the current time information and the current password book;
a sending module 202, configured to send an access request carrying the first authentication information and the identifier of the first wireless access device to the second wireless access device, so that the second wireless access device applies for the access authentication of the terminal device to the first wireless access device according to the first authentication information.
In some embodiments, the processing module 101 is specifically configured to:
calculating and generating a password serial number according to the current time information;
and determining that the password information corresponding to the password serial number in the current password book is first authentication information.
In some embodiments, as shown in fig. 9, the terminal device further includes an updating module 203, where the updating module 203 is configured to update the codebook according to a preset updating period.
It will be understood that the above embodiments are merely exemplary embodiments taken to illustrate the principles of the present invention, which is not limited thereto. It will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the spirit and substance of the invention, and these modifications and improvements are also considered to be within the scope of the invention.

Claims (8)

1. A wireless network access method, the method comprising:
when an access request sent by a terminal device is received, acquiring first authentication information carried in the access request and an identifier of a first wireless access device to which the terminal device belongs;
broadcasting an access authentication application message carrying time information and the first authentication information in a block chain network, so that the first wireless access equipment can perform access authentication on the terminal equipment according to the first authentication information; the time information is the time information when the second wireless access equipment receives the access request;
in response to receiving an authentication passing message broadcast by the first wireless access device in the blockchain network, determining to allow the terminal device to access the second wireless access device;
when receiving an access authentication application message broadcast by other wireless access equipment in a block chain network, acquiring time information and first authentication information carried in the access authentication application message;
determining second authentication information according to time information and a current codebook carried in an access authentication application message broadcast by the other wireless access equipment in the blockchain network; the current cipher book is the same as the current cipher book of the terminal equipment belonging to the wireless access equipment;
under the condition that the first authentication information and the second authentication information carried in the access authentication application message broadcast by the other wireless access equipment in the blockchain network meet the preset condition, broadcasting an authentication passing message in the blockchain network;
wherein, the determining the second authentication information according to the time information and the current codebook carried in the access authentication application message broadcast by the other wireless access device in the blockchain network includes:
calculating and generating a password serial number according to time information carried in an access authentication application message broadcast by the other wireless access equipment in the block chain network;
and determining that the password information corresponding to the password serial number in the current password book is second authentication information.
2. The method of claim 1, further comprising:
and updating the codebook according to a preset updating period.
3. A wireless network access method, the method comprising:
responding to the first wireless access equipment which the terminal equipment can not access, and determining second wireless access equipment;
and determining first authentication information according to the current time information and the current password, and sending an access request carrying the first authentication information and the identifier of the first wireless access equipment to the second wireless access equipment, so that the second wireless access equipment applies for access authentication of the terminal equipment to the first wireless access equipment according to the first authentication information.
4. The method of claim 3, wherein determining the first authentication information according to the current time information and the current codebook comprises:
calculating and generating a password serial number according to the current time information;
and determining that the password information corresponding to the password serial number in the current password book is first authentication information.
5. The method of claim 3, further comprising:
and updating the codebook according to a preset updating period.
6. A wireless access device, characterized in that the wireless access device comprises:
the receiving module is used for receiving an access request sent by the terminal equipment; and means for receiving an authentication pass message broadcast by the first wireless access device in the blockchain network; the access authentication application message is used for receiving the access authentication application message broadcast by other wireless access equipment in the blockchain network;
an obtaining module, configured to, in response to the receiving module receiving an access request sent by a terminal device, obtain first authentication information carried in the access request and an identifier of a first wireless access device to which the terminal device belongs; the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for responding to an access authentication application message broadcasted by other wireless access equipment in a block chain network, and acquiring time information and first authentication information carried in the access authentication application message;
a broadcast module, configured to broadcast an access authentication application message carrying time information and the first authentication information in the blockchain network, so that the first wireless access device performs access authentication on the terminal device according to the first authentication information; the time information is the time information when the second wireless access equipment receives the access request; the wireless access device is used for broadcasting an authentication passing message in the blockchain network under the condition that the first authentication information and the second authentication information carried in the access authentication application message broadcast by the other wireless access device in the blockchain network meet the preset conditions;
a processing module, configured to determine that the terminal device is allowed to access the second wireless access device in response to the receiving module receiving an authentication passing message broadcast by the first wireless access device in the blockchain network; the second authentication information is determined according to the time information and the current password book carried in the access authentication application message broadcast by the other wireless access equipment in the block chain network; the current code book is the same as the current code book of the terminal equipment belonging to the wireless access equipment;
wherein the processing module is configured to:
calculating and generating a password serial number according to time information carried in an access authentication application message broadcast by the other wireless access equipment in the block chain network;
and determining that the password information corresponding to the password serial number in the current password book is second authentication information.
7. A terminal device, characterized in that the terminal device comprises:
the processing module is used for responding to the first wireless access equipment which the terminal equipment cannot access and belongs to, and determining second wireless access equipment; the first authentication information is determined according to the current time information and the current password book;
a sending module, configured to send an access request carrying the first authentication information and the identifier of the first wireless access device to the second wireless access device, so that the second wireless access device applies for access authentication for the terminal device to the first wireless access device according to the first authentication information.
8. The terminal device of claim 7, wherein the processing module is configured to:
calculating and generating a password serial number according to the current time information;
and determining that the password information corresponding to the password serial number in the current password book is first authentication information.
CN202110557697.2A 2021-05-21 2021-05-21 Wireless network access method, wireless access equipment and terminal equipment Active CN113316145B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110557697.2A CN113316145B (en) 2021-05-21 2021-05-21 Wireless network access method, wireless access equipment and terminal equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110557697.2A CN113316145B (en) 2021-05-21 2021-05-21 Wireless network access method, wireless access equipment and terminal equipment

Publications (2)

Publication Number Publication Date
CN113316145A CN113316145A (en) 2021-08-27
CN113316145B true CN113316145B (en) 2022-12-16

Family

ID=77373979

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110557697.2A Active CN113316145B (en) 2021-05-21 2021-05-21 Wireless network access method, wireless access equipment and terminal equipment

Country Status (1)

Country Link
CN (1) CN113316145B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108738017A (en) * 2017-04-21 2018-11-02 网件公司 Secure communication in network access point
CN109168139A (en) * 2018-07-09 2019-01-08 北京邮电大学 A kind of WiFi sharing method and server based on block chain

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9451460B2 (en) * 2012-02-07 2016-09-20 Lg Electronics Inc. Method and apparatus for associating station (STA) with access point (AP)
US11689918B2 (en) * 2019-03-01 2023-06-27 Hewlett Packard Enterprise Development Lp Remote access point clustering for user authentication in wireless networks
US11696129B2 (en) * 2019-09-13 2023-07-04 Samsung Electronics Co., Ltd. Systems, methods, and devices for association and authentication for multi access point coordination

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108738017A (en) * 2017-04-21 2018-11-02 网件公司 Secure communication in network access point
CN109168139A (en) * 2018-07-09 2019-01-08 北京邮电大学 A kind of WiFi sharing method and server based on block chain

Also Published As

Publication number Publication date
CN113316145A (en) 2021-08-27

Similar Documents

Publication Publication Date Title
US11012860B2 (en) Method and an apparatus for publishing assertions in a distributed database of a mobile telecommunication network and for personalising internet-of-things devices
CN112822756B (en) Communication method, system, base station and terminal
US11973880B2 (en) Data processing method and data processing device
WO2019056971A1 (en) Authentication method and device
CN111132305A (en) Method for 5G user terminal to access 5G network, user terminal equipment and medium
CN112512048B (en) Mobile network access system, method, storage medium and electronic device
CN113316145B (en) Wireless network access method, wireless access equipment and terminal equipment
EP3876129B1 (en) Integrity for mobile network data storage
CN113316144B (en) Wireless network access method, wireless access equipment and terminal equipment
CN113347626B (en) Wireless network access method, wireless access equipment and terminal equipment
CN114339622A (en) Communication method, device and storage medium of ProSe communication group
CN110798836A (en) Switching method and device for eSIM (embedded subscriber identity Module) card terminal equipment
US20220174490A1 (en) System, method, storage medium and equipment for mobile network access
CN113286300B (en) Block chain-based network fragment authentication method, system, network element and storage medium
EP4080927A1 (en) Method and apparatus for checking relay user equipment
EP3758396B1 (en) Communication control device, communication setting method, communication setting program, and communication system
CN113316142B (en) Wireless network access method and device
CN113316140B (en) Wireless network access method, wireless access equipment and terminal
KR101104066B1 (en) Authentication system and method for wireless fidelity connection authentication
CN113347686A (en) Wireless network access method, wireless access equipment and terminal
CN117643087A (en) Verification method, device, equipment and storage medium
CN113347628A (en) Method, access point and terminal for providing network access service
CN117119443A (en) Time synchronization method, device, terminal, network equipment and storage medium
CN114599061A (en) Edge application processing method and device, communication equipment and readable storage medium
CN117041957A (en) Comprehensive energy scheduling method and system based on virtual power plant

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant