CN115915115A - Communication network access method, device, vehicle, electronic equipment and storage medium - Google Patents

Communication network access method, device, vehicle, electronic equipment and storage medium Download PDF

Info

Publication number
CN115915115A
CN115915115A CN202211275137.9A CN202211275137A CN115915115A CN 115915115 A CN115915115 A CN 115915115A CN 202211275137 A CN202211275137 A CN 202211275137A CN 115915115 A CN115915115 A CN 115915115A
Authority
CN
China
Prior art keywords
ssid
communication network
electronic device
service set
verified
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211275137.9A
Other languages
Chinese (zh)
Other versions
CN115915115B (en
Inventor
王岩炯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xiaomi Automobile Technology Co Ltd
Original Assignee
Xiaomi Automobile Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xiaomi Automobile Technology Co Ltd filed Critical Xiaomi Automobile Technology Co Ltd
Priority to CN202211275137.9A priority Critical patent/CN115915115B/en
Publication of CN115915115A publication Critical patent/CN115915115A/en
Application granted granted Critical
Publication of CN115915115B publication Critical patent/CN115915115B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosure provides a communication network access method, a device, a vehicle, an electronic device and a storage medium, wherein the method comprises the steps of receiving a detection message sent by the electronic device, wherein the detection message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network; encrypting the service set identifier SSID to obtain SSID encryption data to be verified; and sending the SSID encryption data to be verified to the electronic equipment. By the method and the device, the transmission security of the service set identifier SSID required by accessing the first wireless communication network can be effectively improved.

Description

Communication network access method, device, vehicle, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a communication network access method and apparatus, a vehicle, an electronic device, and a storage medium.
Background
During the Access process of a Wireless communication network (such as Wireless Fidelity (Wi-Fi)), before establishing a connection, a Wi-Fi hotspot needs to be scanned, wherein, during the process of turning on or off a hidden Service Set Identifier (SSID) function by a routing device (which may be regarded as an Access Point (AP)), the SSID is usually transmitted in a clear text form in an air packet.
In this way, the transmission of the service set identification SSID is not secure enough.
Disclosure of Invention
The present disclosure is directed to solving, at least to some extent, one of the technical problems in the related art.
Therefore, an object of the present disclosure is to provide a communication network access method, apparatus, vehicle, electronic device, storage medium, and computer program product, which can effectively improve the transmission security of the service set identifier SSID required for accessing the first wireless communication network.
In order to achieve the above object, an embodiment of a first aspect of the present disclosure provides a communication network access method, which is performed by a wireless access point AP, and the method includes: receiving a detection message sent by electronic equipment, wherein the detection message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network; encrypting the service set identifier SSID to obtain SSID encryption data to be verified; and sending the SSID encryption data to be verified to the electronic equipment.
In the communication network access method provided in the embodiment of the first aspect of the present disclosure, the probe message sent by the electronic device is received, where the probe message is used to obtain a service set identifier SSID required for accessing the first wireless communication network, encrypt the service set identifier SSID to obtain SSID encryption data to be verified, and send the SSID encryption data to be verified to the electronic device, so as to effectively improve transmission security of the service set identifier SSID required for accessing the first wireless communication network.
In order to achieve the above object, a communication network access method provided in an embodiment of the second aspect of the present disclosure is executed by an electronic device, and the method includes: sending a detection message to a wireless Access Point (AP), wherein the detection message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network; and acquiring SSID encryption data to be verified sent by the AP, wherein the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID.
In the communication network access method provided by the embodiment of the second aspect of the disclosure, a probe message is sent to a wireless access point AP, where the probe message is used to acquire a service set identifier SSID required for accessing a first wireless communication network, and acquire SSID encryption data to be verified sent by the AP, where the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID, so as to effectively improve transmission security of the service set identifier SSID required for accessing the wireless communication network by the AP.
In order to achieve the above object, a communication network access apparatus provided in an embodiment of the third aspect of the present disclosure is implemented by a wireless access point AP, and includes: the system comprises a first receiving module, a second receiving module and a sending module, wherein the first receiving module is used for receiving a detection message sent by electronic equipment, and the detection message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network; the first encryption module is used for encrypting the service set identifier SSID to obtain SSID encryption data to be verified; and the first sending module is used for sending the SSID encryption data to be verified to the electronic equipment.
The communication network access device provided in the embodiment of the third aspect of the present disclosure effectively improves transmission security of a service set identifier SSID required for accessing a first wireless communication network by receiving a probe message sent by an electronic device, where the probe message is used to acquire the service set identifier SSID required for accessing the first wireless communication network, encrypt the service set identifier SSID to obtain SSID encryption data to be verified, and send the SSID encryption data to be verified to the electronic device.
In order to achieve the above object, a communication network access apparatus provided in a fourth aspect of the present disclosure is implemented by an electronic device, and includes: the second sending module is used for sending a detection message to the wireless access point AP, wherein the detection message is used for acquiring a service set identifier SSID (service set identifier) required by accessing the first wireless communication network; and the acquisition module is used for acquiring SSID encryption data to be verified sent by the AP, wherein the SSID encryption data to be verified is obtained by encrypting the SSID of the service set identifier.
The communication network access device provided in the embodiment of the fourth aspect of the present disclosure sends a probe message to the wireless access point AP, where the probe message is used to acquire a service set identifier SSID required for accessing the first wireless communication network, and acquire SSID encryption data to be verified sent by the AP, where the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID, so as to effectively improve transmission security of the service set identifier SSID required for accessing the AP to the wireless communication network.
In an embodiment of a fifth aspect of the present disclosure, a vehicle is provided, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the communication network access method as set forth in the embodiment of the first aspect of the present disclosure is implemented.
A sixth aspect of the present disclosure provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where when the processor executes the computer program, the electronic device implements the communication network access method as set forth in the second aspect of the present disclosure.
A seventh aspect of the present disclosure proposes a non-transitory computer-readable storage medium, on which is stored a computer program, which when executed by a processor implements a communication network access method as proposed by the above-mentioned aspect of the present disclosure.
An eighth aspect of the present disclosure provides a computer program product, wherein when instructions in the computer program product are executed by a processor, the method for accessing a communication network as set forth in the above aspect of the present disclosure is performed.
Additional aspects and advantages of the disclosure will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the disclosure.
Drawings
The foregoing and/or additional aspects and advantages of the present disclosure will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a flowchart illustrating a communication network access method according to an embodiment of the disclosure;
fig. 2 is a flowchart illustrating a communication network access method according to another embodiment of the disclosure;
fig. 3 is a flowchart illustrating a communication network access method according to another embodiment of the disclosure;
fig. 4 is a flowchart of a communication network access method according to another embodiment of the disclosure;
fig. 5 is a schematic diagram of interaction between an AP and an electronic device in an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of a communication network access device according to an embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of a communication network access device according to another embodiment of the present disclosure;
fig. 8 is a schematic structural diagram of a communication network access device according to another embodiment of the present disclosure;
fig. 9 is a schematic structural diagram of a communication network access apparatus according to another embodiment of the present disclosure;
FIG. 10 illustrates a block diagram of an exemplary electronic device suitable for use in implementing embodiments of the present disclosure.
Detailed Description
Reference will now be made in detail to the embodiments of the present disclosure, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to the same or similar elements or elements having the same or similar functions throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of illustrating the present disclosure and should not be construed as limiting the same. Rather, the embodiments of the disclosure include all changes, modifications and equivalents coming within the spirit and terms of the claims appended thereto.
The wireless access point AP in the embodiments of the present disclosure may be configured in a vehicle, for example, be disposed in an on-board device of the vehicle, or may be further integrated in a control system of the vehicle, and when the wireless access point AP is configured in the vehicle, the vehicle may perform communication interaction with an electronic device to implement the communication network access method provided in the embodiments of the present disclosure, and the electronic device may be an external terminal device or a network device.
The terminal device in the embodiments of the present disclosure may be an entity, such as a mobile phone, on the user side for receiving or transmitting signals. The terminal device may also be referred to as a User Equipment (UE), a Mobile Station (MS), a mobile terminal device (MT), and so on. The terminal device may be a mobile phone (mobile phone) having a communication function, a wearable device, a tablet computer (Pad), a computer with a wireless transceiving function, a Virtual Reality (VR) terminal device, an Augmented Reality (AR) terminal device, a wireless terminal device in industrial control (industrial control), a wireless terminal device in self-driving (self-driving), a wireless terminal device in remote surgery (remote medical supply), a wireless terminal device in smart grid (smart grid), a wireless terminal device in transportation safety (transportation safety), a wireless terminal device in smart city (smart city), a wireless terminal device in smart home (smart home), and the like.
The network device in the embodiments of the present disclosure may be an entity for transmitting or receiving signals on the network side. For example, the network device may be an evolved NodeB (eNB), a transmission point (TRP), a next generation base station (gNB) in the NR system, a base station in other future mobile communication systems, or an access node in a wireless fidelity (WiFi) system. The embodiments of the present disclosure do not limit the specific technologies and the specific device forms adopted by the network devices.
Fig. 1 is a flowchart illustrating a communication network access method according to an embodiment of the disclosure.
It should be noted that the main execution body of the communication network Access method of this embodiment is a communication network Access apparatus, and the communication network Access apparatus may be implemented in a software and/or hardware manner, and the apparatus may be configured in an Access Point (AP), which is not limited to this.
As shown in fig. 1, the communication network access method is performed by a wireless access point AP, and the method includes:
s101: and receiving a probe message sent by the electronic equipment, wherein the probe message is used for acquiring a Service Set Identifier (SSID) required by accessing the first wireless communication network.
Wherein a probe message may be sent by the electronic device to the AP to trigger acquisition of a service set identification, SSID, required for accessing the first wireless communication network based on the probe message.
The probe message may be used to actively scan the AP, and the probe message may be, for example, a probe request message.
For example, the electronic device may initiate active scanning, for example, the active scanning may be performed by sending a probe request message, and the electronic device may also send the probe request message on each channel for scanning, so that the sent probe request message may be regarded as a probe message.
The electronic device initiates active scanning and sends a detection message to each AP to acquire a Service Set Identifier (SSID) required by the corresponding AP to access the first wireless communication network.
S102: and encrypting the service set identifier SSID to obtain SSID encryption data to be verified.
In the embodiment of the present disclosure, if the AP receives a probe message sent by the electronic device, the AP may encrypt a service set identifier SSID required for accessing the first wireless communication network, and use encrypted data obtained by encryption as SSID encryption data to be verified.
S103: and sending SSID encryption data to be verified to the electronic equipment.
The SSID encryption data to be verified is obtained by encrypting the service set identifier SSID, and the SSID encryption data to be verified can be sent to the electronic device to access the first wireless communication network.
After the SSID encrypted data to be verified is sent to the electronic device, the electronic device may perform matching verification processing on the SSID encrypted data to be verified, and after the matching verification is passed, the AP is granted the right to access the first communication network.
In this embodiment, by receiving a probe message sent by an electronic device, where the probe message is used to obtain a service set identifier SSID required for accessing a first wireless communication network, encrypt the service set identifier SSID to obtain SSID encryption data to be verified, and send the SSID encryption data to be verified to the electronic device, transmission security of the service set identifier SSID required for accessing the first wireless communication network is effectively improved.
Fig. 2 is a flowchart illustrating a communication network access method according to another embodiment of the disclosure.
As shown in fig. 2, the communication network access method is performed by a wireless access point AP, and the method includes:
s201: receiving a probe message sent by an electronic device, wherein the probe message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network, and the probe message includes: electronic device information.
For the description of S201, reference may be made to the foregoing embodiments specifically, and details are not repeated here.
The probe message may further include electronic device information, where the electronic device information may be used to describe information such as attributes, configurations, and identifiers related to the electronic device, and the electronic device information is, for example, a Media Access Control (MAC) address of the electronic device.
S202: and acquiring target key information according to the electronic equipment information.
After the probe message sent by the electronic device is received, the electronic device information can be obtained by analyzing the probe message, and then the key information required by the current access to the first wireless communication network is obtained based on the electronic device information and is used as the target key information.
The candidate key information corresponding to each candidate device information may be configured in advance, and then the candidate device information identical to the electronic device information is determined, and then the candidate key information corresponding to the identical candidate device information is used as the target key information.
Different candidate key information can be configured for each piece of candidate device information, and the candidate key information configured for the same piece of candidate device information can also be dynamically changed, that is, the target key information adopted when the access to the first wireless communication network is triggered each time can be different, so that the dynamic generation of the SSID encryption data to be verified related to the service set identifier SSID is realized, and the transmission security of the service set identifier SSID is improved to a greater extent.
Optionally, in some embodiments, the obtaining target key information according to the electronic device information may be obtaining a mapping table, where the mapping table includes: if the candidate device information is the same as the electronic device information, the candidate key information is used as target key information, the target key information matched with the electronic device information is rapidly acquired, and the access verification efficiency of the communication network is improved.
Wherein the mapping table may be preconfigured.
The mapping table may include a plurality of candidate device information and candidate key information corresponding to the candidate device information, where the candidate key information may be randomly and dynamically generated, and after the candidate key information is generated, each candidate device information and corresponding candidate key information may be subjected to associated mapping storage to form the mapping table.
When the target key information is obtained according to the electronic device information, if the candidate device information is the same as the electronic device information, the candidate key information may be used as the target key information, and if the candidate device information is different from the electronic device information, a new probe message sent by the electronic device is monitored, that is, the probe message received this time is not responded to, and the new probe message is monitored.
Optionally, in some embodiments, before receiving a probe request message of wireless network access sent by an electronic device, a communication connection with the electronic device may be established based on a second wireless communication network, and candidate device information sent by the electronic device is acquired, and a mapping table is configured according to the candidate device information and candidate key information corresponding to the candidate device information, so that the candidate device information of the electronic device is acquired in advance, and the generation of candidate key information corresponding to the candidate device information is assisted in advance.
Wherein, the first wireless communication network can be a Wi-Fi communication network, and the second wireless communication network can be a Bluetooth network.
That is, the candidate device information sent by the electronic device may be acquired based on the bluetooth network, and the mapping table may be configured.
Optionally, in some embodiments, the service set identification SSID and candidate key information corresponding to the candidate device information may also be sent to the electronic device, so that the electronic device may generate reference SSID encryption data required for matching authentication, so as to authenticate and authorize the access of the AP to the first wireless communication network, which may be specifically referred to in the subsequent embodiments.
It should be noted that the service set identifier SSID and the candidate key information corresponding to the candidate device information may be sent to the electronic device based on the bluetooth network, and in the transmission process based on the bluetooth network, the message carrying the service set identifier SSID and the candidate device information may be subjected to overall encryption processing, so that the possibility of the service set identifier SSID being divulged is not increased.
S203: and encrypting the service set identifier SSID according to the target key information to obtain SSID encryption data to be verified.
S204: and sending SSID encryption data to be verified to the electronic equipment.
For the description of S203-S204, reference may be made to the above embodiments, which are not described herein again.
S205: and receiving an access control message sent by the electronic equipment, wherein the access control message is used for controlling the AP to access the first wireless communication network.
After the SSID encrypted data to be verified is sent to the electronic device, the electronic device may perform matching verification processing on the SSID encrypted data to be verified, and after the matching verification is passed, grant an authority of the AP to access the first communication network, for example, the electronic device may send an access control message to the AP, where the access control message is used to control the AP to access the first wireless communication network, and then the AP may receive the access control message sent by the electronic device.
S206: and accessing the first wireless communication network according to the access control message.
S207: the target key information is deleted.
The access control message sent by the electronic equipment is received and accessed into the first wireless communication network according to the access control message, and the target key information can be deleted, so that the safe transmission of the service set identifier SSID is realized, the target key information can be effectively prevented from being repeatedly utilized, playback attack is avoided, and dynamic update of the target key information is effectively supported.
In this embodiment, by receiving a probe message sent by an electronic device, where the probe message is used to obtain a service set identifier SSID required for accessing a first wireless communication network, encrypt the service set identifier SSID to obtain SSID encryption data to be verified, and send the SSID encryption data to be verified to the electronic device, transmission security of the service set identifier SSID required for accessing the first wireless communication network is effectively improved. Therefore, not only the safe transmission of the service set identifier SSID is realized, but also the target key information can be effectively prevented from being reused, playback attack is avoided, and the dynamic update of the target key information is effectively supported.
Fig. 3 is a flowchart illustrating a communication network access method according to another embodiment of the disclosure.
It should be noted that the main execution body of the communication network access method of this embodiment is a communication network access device, and the communication network access device may be implemented by software and/or hardware, and the device may be configured in an electronic device, which is not limited to this.
As shown in fig. 3, the communication network access method is performed by an electronic device, and the method includes:
s301: and sending a detection message to the wireless access point AP, wherein the detection message is used for acquiring a service set identifier SSID required by accessing the first wireless communication network.
Wherein a probe message may be sent by the electronic device to the AP to trigger acquisition of a service set identification, SSID, required for accessing the first wireless communication network based on the probe message.
The probe message may be used to actively scan the AP, and the probe message may be, for example, a probe request message.
For example, the electronic device may initiate active scanning, for example, the active scanning may be performed by sending a probe request message, the electronic device may also send the probe request message on each channel for scanning, and the sent probe request message may be regarded as a probe message.
The electronic device initiates active scanning and sends a detection message to each AP to acquire a Service Set Identifier (SSID) required by the corresponding AP to access the first wireless communication network.
S302: and acquiring SSID encryption data to be verified sent by the AP, wherein the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID.
After the probe message is sent to the wireless access point AP, SSID encryption data to be verified sent by the AP may also be obtained, where the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID by the AP.
Optionally, in some embodiments, the probe message further includes electronic device information, where the SSID encryption data to be verified is obtained by the AP encrypting the service set identifier SSID according to target key information, and the target key information is determined by the electronic device information.
In this embodiment, a probe message is sent to the wireless access point AP, where the probe message is used to obtain a service set identifier SSID required for accessing the first wireless communication network, and obtain SSID encryption data to be verified sent by the AP, where the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID, so as to effectively improve transmission security of the service set identifier SSID required for accessing the wireless communication network by the AP.
Fig. 4 is a flowchart illustrating a communication network access method according to another embodiment of the disclosure.
As shown in fig. 4, the communication network access method is performed by an electronic device, and the method includes:
s401: and establishing a communication connection with the AP based on the second wireless communication network.
S402: transmitting candidate device information to the AP, wherein the candidate device information is used to determine candidate key information.
S403: and receiving the service set identifier SSID and candidate key information corresponding to the candidate device information sent by the AP based on the second wireless communication network.
S404: and encrypting the service set identifier SSID according to the corresponding candidate key information to obtain reference SSID encryption data.
S405: and sending a detection message to the wireless access point AP, wherein the detection message is used for acquiring a service set identifier SSID required by accessing the first wireless communication network.
S406: and acquiring SSID encryption data to be verified sent by the AP, wherein the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID.
S407: and if the SSID encryption data to be verified is the same as the reference SSID encryption data, sending an access control message to the AP, wherein the access control message is used for controlling the AP to access the first wireless communication network.
In this embodiment, a probe message is sent to the wireless access point AP, where the probe message is used to obtain a service set identifier SSID required for accessing the first wireless communication network, and obtain SSID encryption data to be verified sent by the AP, where the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID, so as to effectively improve transmission security of the service set identifier SSID required for accessing the wireless communication network by the AP. The method comprises the steps of establishing a communication connection with an AP based on a second wireless communication network, sending candidate device information to the AP, wherein the candidate device information is used for determining candidate key information, receiving a service set identification SSID sent by the AP and the candidate key information corresponding to the candidate device information based on the second wireless communication network, and encrypting the service set identification SSID according to the corresponding candidate key information to obtain reference SSID encryption data, so that the electronic equipment can generate the reference SSID encryption data required by matching verification to verify and authorize the AP to access a first wireless communication network.
As shown in fig. 5, fig. 5 is an interaction diagram between an AP and an electronic device in the embodiment of the disclosure, where an auxiliary encryption program-AP may be configured in the AP, where the auxiliary encryption program-AP connects with an auxiliary encryption program-sta in the electronic device (the electronic device may be understood as a Station, such as a terminal device or a network device) via a bluetooth network, and the auxiliary encryption program-sta sends a MAC address of the Station to the auxiliary encryption program-AP, the auxiliary encryption program-AP may distribute information such as an SSID, a password, and an encryption mode, and an encryption key of the SSID to the auxiliary encryption program-sta, encrypt the SSID with the encryption key by the auxiliary encryption program-sta to obtain a target SSID (i.e., reference SSID encryption data), and transmit the target SSID (i.e., reference SSID encryption data) to a Station connection program, the auxiliary encryption program-AP can map the MAC address and the encryption key of the Station for standby, and provide a mapping table to the AP control program, the AP control program can receive a probe request message, the probe request message may not contain SSID information but contains the MAC address of the electronic device, then, look up the table based on the MAC address in the probe request message, if the table can be found, encrypt the SSID based on the target key information in the mapping table to obtain SSID encryption data to be verified, and carry the SSID encryption data to be verified to the probe rsp message (i.e. the response message of the probe request message), transmit the probe rsp message to the Station connection program, the Station connection program performs matching verification on the SSID encryption data to be verified and the target SSID (i.e. the reference SSID encryption data), if the matching is verified, the AP can be triggered to perform Wi-Fi connection based on the SSID, and the AP can also delete candidate device information corresponding to the electronic device in the mapping table and candidate key information corresponding to the candidate device information so as to avoid 'replay attack'.
Therefore, in the embodiment of the disclosure, the SSID required by the AP for accessing the wireless communication network can be fundamentally hidden, and only the probe req message containing the specific MAC address can be fed back, even if the probe req message/the probe rsp message is captured, the real SSID cannot be revealed, the Wi-Fi connection can be realized, the Wi-Fi connection can be completed without inputting a password by a user, the key information used for encryption is invalid immediately after the connection is successful, and the 'replay attack' is prevented.
Fig. 6 is a schematic structural diagram of a communication network access device according to an embodiment of the present disclosure.
As shown in fig. 6, the communication network access apparatus 60 is implemented by a wireless access point AP, and the apparatus 60 includes:
a first receiving module 601, configured to receive a probe message sent by an electronic device, where the probe message is used to obtain a service set identifier SSID required for accessing a first wireless communication network.
The first encryption module 602 is configured to encrypt the service set identifier SSID to obtain SSID encryption data to be verified.
A first sending module 603, configured to send SSID encryption data to be verified to the electronic device.
In some embodiments of the present disclosure, the probe message comprises: electronic device information; the first encryption module 602 is specifically configured to:
acquiring target key information according to the electronic equipment information;
and encrypting the service set identifier SSID according to the target key information to obtain SSID encryption data to be verified.
In some embodiments of the present disclosure, the first encryption module 602 is specifically configured to:
obtaining a mapping table, wherein the mapping table comprises: candidate device information, and candidate key information corresponding to the candidate device information;
and if the candidate device information is the same as the electronic device information, the candidate key information is taken as the target key information.
In some embodiments of the present disclosure, the first receiving module 601 is specifically configured to:
and if the candidate device information is different from the electronic device information, monitoring a new detection message sent by the electronic device.
In some embodiments of the present disclosure, as shown in fig. 7, fig. 7 is a schematic structural diagram of a communication network access apparatus according to another embodiment of the present disclosure, and the apparatus 60 further includes:
a second receiving module 604, configured to receive an access control message sent by the electronic device after sending SSID encrypted data to be verified to the electronic device, where the access control message is used to control an AP to access a first wireless communication network;
an access module 605, configured to access a first wireless communication network according to the access control message;
and the processing module 606 is used for deleting the target key information.
In some embodiments of the present disclosure, further comprising:
the configuration module 607 is configured to, before receiving a probe request message of wireless network access sent by the electronic device, establish a communication connection with the electronic device based on the second wireless communication network, acquire candidate device information sent by the electronic device, and configure a mapping table according to the candidate device information and candidate key information corresponding to the candidate device information.
In some embodiments of the present disclosure, the first sending module 603 is further configured to:
and sending the service set identifier SSID and candidate key information corresponding to the candidate device information to the electronic device.
Corresponding to the communication network access method provided in the embodiments of fig. 1 to fig. 2, the present disclosure also provides a communication network access apparatus, and since the communication network access apparatus provided in the embodiments of the present disclosure corresponds to the communication network access method provided in the embodiments of fig. 1 to fig. 2, the implementation manner of the communication network access method is also applicable to the communication network access apparatus provided in the embodiments of the present disclosure, and is not described in detail in the embodiments of the present disclosure.
In this embodiment, by receiving a probe message sent by an electronic device, where the probe message is used to obtain a service set identifier SSID required for accessing a first wireless communication network, encrypt the service set identifier SSID to obtain SSID encryption data to be verified, and send the SSID encryption data to be verified to the electronic device, transmission security of the service set identifier SSID required for accessing the first wireless communication network is effectively improved.
Fig. 8 is a schematic structural diagram of a communication network access device according to another embodiment of the present disclosure.
As shown in fig. 8, the communication network access apparatus 80 is implemented by an electronic device, and the apparatus 80 includes:
a second sending module 801, configured to send a probe message to the wireless access point AP, where the probe message is used to obtain a service set identifier SSID required for accessing the first wireless communication network.
The obtaining module 802 is configured to obtain SSID encryption data to be verified sent by the AP, where the SSID encryption data to be verified is obtained by encrypting a service set identifier SSID.
In some embodiments of the present disclosure, the probe message includes electronic device information, wherein the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID according to target key information, and the target key information is determined by the electronic device information.
In some embodiments of the present disclosure, as shown in fig. 9, fig. 9 is a schematic structural diagram of a communication network access apparatus according to another embodiment of the present disclosure, where the apparatus 80 further includes:
a communication module 803, configured to establish a communication connection with the AP based on the second wireless communication network before sending the probe message to the wireless access point AP, and send candidate device information to the AP, where the candidate device information is used to determine the candidate key information.
In some embodiments of the disclosure, the apparatus further comprises:
a third receiving module 804, configured to receive the SSID of the service set identifier and the candidate key information corresponding to the candidate device information sent by the AP.
In some embodiments of the disclosure, the apparatus further comprises:
the second encryption module 805 is configured to encrypt the SSID according to the corresponding candidate key information, to obtain encrypted data of the SSID reference.
In some embodiments of the present disclosure, wherein,
the second sending module 801 is further configured to send an access control message to the AP when the SSID encryption data to be verified is the same as the reference SSID encryption data, where the access control message is used to control the AP to access the first wireless communication network.
Corresponding to the communication network access method provided in the embodiments of fig. 3 to 4, the present disclosure also provides a communication network access apparatus, and since the communication network access apparatus provided in the embodiments of the present disclosure corresponds to the communication network access method provided in the embodiments of fig. 3 to 4, the implementation of the communication network access method is also applicable to the communication network access apparatus provided in the embodiments of the present disclosure, and will not be described in detail in the embodiments of the present disclosure.
In this embodiment, a probe message is sent to the wireless access point AP, where the probe message is used to obtain a service set identifier SSID required for accessing the first wireless communication network, and obtain SSID encryption data to be verified sent by the AP, where the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID, so as to effectively improve transmission security of the service set identifier SSID required for accessing the wireless communication network by the AP.
In order to achieve the above embodiments, the present disclosure also proposes a vehicle including: a processor; a memory for storing processor-executable instructions; wherein the processor is configured to: the communication network access method proposed by the foregoing embodiment of the present disclosure is implemented.
In order to implement the above embodiments, the present disclosure also provides an electronic device, including: the present invention relates to a communication network access method, and more particularly to a memory, a processor, and a computer program stored in the memory and executable on the processor.
In order to achieve the above embodiments, the present disclosure also proposes a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a communication network access method as proposed by the aforementioned embodiments of the present disclosure.
In order to implement the foregoing embodiments, the present disclosure also proposes a computer program product, which when executed by an instruction processor in the computer program product, performs the communication network access method proposed by the foregoing embodiments of the present disclosure.
FIG. 10 illustrates a block diagram of an exemplary electronic device suitable for use in implementing embodiments of the present disclosure. The electronic device 12 shown in fig. 10 is only an example and should not bring any limitations to the function and scope of use of the disclosed embodiments.
As shown in FIG. 10, electronic device 12 is embodied in the form of a general purpose computing device. The components of the electronic device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.
Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, such architectures include, but are not limited to, industry Standard Architecture (ISA) bus, micro Channel Architecture (MAC) bus, enhanced ISA bus, video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus.
Electronic device 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by electronic device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
Memory 28 may include computer system readable media in the form of volatile Memory, such as Random Access Memory (RAM) 30 and/or cache Memory 32. The electronic device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 10, and commonly referred to as a "hard drive").
Although not shown in FIG. 10, a disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a Compact disk Read Only Memory (CD-ROM), a Digital versatile disk Read Only Memory (DVD-ROM), or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the disclosure.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally perform the functions and/or methodologies of the embodiments described in this disclosure.
The electronic device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), one or more devices that enable a user to interact with the electronic device 12, and/or any device (e.g., network card, modem, etc.) that enables the electronic device 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Also, the electronic device 12 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public Network such as the Internet) via the Network adapter 20. As shown, the network adapter 20 communicates with other modules of the electronic device 12 via the bus 18. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with electronic device 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 16 executes various functional applications and data processing, such as implementing the communication network access method mentioned in the foregoing embodiments, by executing programs stored in the system memory 28.
It should be noted that, in the description of the present disclosure, the terms "first", "second", etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. Further, in the description of the present disclosure, "a plurality" means two or more unless otherwise specified.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and the scope of the preferred embodiments of the present disclosure includes other implementations in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the embodiments of the present disclosure.
It should be understood that portions of the present disclosure may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present disclosure may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present disclosure. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present disclosure have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present disclosure, and that changes, modifications, substitutions and alterations may be made to the above embodiments by those of ordinary skill in the art within the scope of the present disclosure.

Claims (18)

1. A communication network access method, performed by a wireless access point, AP, the method comprising:
receiving a detection message sent by electronic equipment, wherein the detection message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network;
encrypting the service set identifier SSID to obtain SSID encryption data to be verified; and
and sending the SSID encryption data to be verified to the electronic equipment.
2. The method of claim 1, wherein the probe message comprises: electronic device information; the encrypting the service set identifier SSID to obtain SSID encryption data to be verified comprises the following steps:
acquiring target key information according to the electronic equipment information;
and encrypting the service set identifier SSID according to the target key information to obtain the SSID encryption data to be verified.
3. The method of claim 2, wherein the obtaining target key information based on the electronic device information comprises:
obtaining a mapping table, wherein the mapping table comprises: candidate device information and candidate key information corresponding to the candidate device information;
and if the candidate device information is the same as the electronic device information, taking the candidate key information as the target key information.
4. The method of claim 3, wherein the method further comprises:
and if the candidate device information is different from the electronic device information, monitoring a new detection message sent by the electronic device.
5. The method of claim 2, wherein after said sending the to-be-verified SSID encryption data to the electronic device, the method further comprises:
receiving an access control message sent by the electronic device, wherein the access control message is used for controlling an AP to access the first wireless communication network;
accessing the first wireless communication network according to the access control message;
and deleting the target key information.
6. The method of claim 3, wherein prior to the receiving the probe request message for wireless network access sent by the electronic device, further comprising:
establishing a communication connection with the electronic device based on a second wireless communication network;
acquiring the candidate device information sent by the electronic device;
and configuring the mapping table according to the candidate device information and the candidate key information corresponding to the candidate device information.
7. The method of claim 6, wherein the method further comprises:
and sending the service set identifier SSID and candidate key information corresponding to the candidate device information to the electronic device.
8. A communication network access method, performed by an electronic device, the method comprising:
sending a detection message to a wireless Access Point (AP), wherein the detection message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network;
and acquiring SSID encryption data to be verified sent by the AP, wherein the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID.
9. The method of claim 8, wherein the probe message includes electronic device information, wherein the SSID encryption data to be verified is obtained by encrypting the service set identification SSID according to target key information determined by the electronic device information.
10. The method of claim 8, wherein prior to said sending the probe message to the wireless access point, AP, further comprising:
establishing a communication connection with the AP based on a second wireless communication network;
transmitting candidate device information to the AP, wherein the candidate device information is used to determine candidate key information.
11. The method of claim 10, wherein the method further comprises:
and receiving the service set identifier SSID and candidate key information corresponding to the candidate device information sent by the AP.
12. The method of claim 11, wherein the method further comprises:
and encrypting the service set identifier SSID according to the corresponding candidate key information to obtain reference SSID encryption data.
13. The method of claim 12, wherein the method further comprises:
and if the SSID encryption data to be verified is the same as the reference SSID encryption data, sending an access control message to the AP, wherein the access control message is used for controlling the AP to access the first wireless communication network.
14. A communication network access apparatus, performed by a wireless access point, AP, the apparatus comprising:
the system comprises a first receiving module, a first sending module and a second receiving module, wherein the first receiving module is used for receiving a detection message sent by electronic equipment, and the detection message is used for acquiring a Service Set Identifier (SSID) required by accessing a first wireless communication network;
the first encryption module is used for encrypting the service set identifier SSID to obtain SSID encryption data to be verified; and
and the first sending module is used for sending the SSID encryption data to be verified to the electronic equipment.
15. A communication network access apparatus, performed by an electronic device, the apparatus comprising:
a second sending module, configured to send a probe message to a wireless access point AP, where the probe message is used to obtain a service set identifier SSID required for accessing a first wireless communication network;
and the acquisition module is used for acquiring SSID encryption data to be verified, which is sent by the AP, wherein the SSID encryption data to be verified is obtained by encrypting the service set identifier SSID.
16. A vehicle, characterized by comprising:
a processor; a memory for storing processor-executable instructions; wherein the processor is configured to: the steps of implementing a communication network access method according to any of the preceding claims 1-7.
17. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 8-13.
18. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any one of claims 1-13.
CN202211275137.9A 2022-10-18 2022-10-18 Communication network access method, device, vehicle, electronic equipment and storage medium Active CN115915115B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211275137.9A CN115915115B (en) 2022-10-18 2022-10-18 Communication network access method, device, vehicle, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211275137.9A CN115915115B (en) 2022-10-18 2022-10-18 Communication network access method, device, vehicle, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN115915115A true CN115915115A (en) 2023-04-04
CN115915115B CN115915115B (en) 2024-02-06

Family

ID=86492714

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211275137.9A Active CN115915115B (en) 2022-10-18 2022-10-18 Communication network access method, device, vehicle, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115915115B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104869612A (en) * 2015-04-30 2015-08-26 小米科技有限责任公司 Method and device for accessing network
US20170104728A1 (en) * 2015-10-07 2017-04-13 E.J. Ward, Inc. Wireless network identifier with encrypted network access information
CN110891299A (en) * 2019-11-15 2020-03-17 北京小米移动软件有限公司 Network distribution method and device, electronic equipment and storage medium
US20210282014A1 (en) * 2020-03-05 2021-09-09 Cisco Technology, Inc. Identifying trusted service set identifiers for wireless networks
CN113395743A (en) * 2020-03-11 2021-09-14 阿里巴巴集团控股有限公司 Device connection method and system, corresponding terminal device and networking method
CN114258013A (en) * 2020-09-11 2022-03-29 中国联合网络通信集团有限公司 Data encryption method, device and storage medium
CN115119204A (en) * 2021-03-17 2022-09-27 苏州三六零智能安全科技有限公司 Wireless network connection method, device, storage medium and apparatus
WO2022211436A1 (en) * 2021-04-01 2022-10-06 Samsung Electronics Co., Ltd. Methods, access point device and station device for closed wi-fi hotspot network

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104869612A (en) * 2015-04-30 2015-08-26 小米科技有限责任公司 Method and device for accessing network
US20170104728A1 (en) * 2015-10-07 2017-04-13 E.J. Ward, Inc. Wireless network identifier with encrypted network access information
CN110891299A (en) * 2019-11-15 2020-03-17 北京小米移动软件有限公司 Network distribution method and device, electronic equipment and storage medium
US20210282014A1 (en) * 2020-03-05 2021-09-09 Cisco Technology, Inc. Identifying trusted service set identifiers for wireless networks
CN113395743A (en) * 2020-03-11 2021-09-14 阿里巴巴集团控股有限公司 Device connection method and system, corresponding terminal device and networking method
CN114258013A (en) * 2020-09-11 2022-03-29 中国联合网络通信集团有限公司 Data encryption method, device and storage medium
CN115119204A (en) * 2021-03-17 2022-09-27 苏州三六零智能安全科技有限公司 Wireless network connection method, device, storage medium and apparatus
WO2022211436A1 (en) * 2021-04-01 2022-10-06 Samsung Electronics Co., Ltd. Methods, access point device and station device for closed wi-fi hotspot network

Also Published As

Publication number Publication date
CN115915115B (en) 2024-02-06

Similar Documents

Publication Publication Date Title
CN111669276B (en) Network verification method, device and system
US11917054B2 (en) Network key processing method and system and related device
US10798082B2 (en) Network authentication triggering method and related device
EP3065334A1 (en) Key configuration method, system and apparatus
JP7204792B2 (en) WI-FI hotspot connection method and terminal
CN107567017B (en) Wireless connection system, device and method
US9191771B2 (en) Convenient use of push button mode of WPS (Wi-Fi protected setup) for provisioning wireless devices
CN112291780A (en) Identity obfuscation for wireless stations
JP5167322B2 (en) Data transfer method and terminal
CN112369100A (en) Method, apparatus and computer readable medium for protecting MAC address
US10674353B2 (en) Association establishment method in wireless local area network, terminal, and access point
JP7255949B2 (en) Communication method and device
CN112512045B (en) Communication system, method and device
CN113301572B (en) Connection method and device of Bluetooth equipment, storage medium and Bluetooth equipment
CN114844657B (en) Website login method, communication system and electronic equipment
US9241232B2 (en) Method and apparatus for machine communication
US7477746B2 (en) Apparatus for dynamically managing group transient key in wireless local area network system and method thereof
CN107734528B (en) Wireless network detection method, device, storage medium and terminal
US20170099289A1 (en) Temporary Mac Address-Based Access Method, Apparatus, and System
JP2023519997A (en) Method and communication apparatus for securing terminal parameter updates
CN115915115B (en) Communication network access method, device, vehicle, electronic equipment and storage medium
CN113518475A (en) Communication method, device and system
CN110602693A (en) Networking method and equipment of wireless network
EP4236120A1 (en) Message transmission method and apparatus
CN107666443B (en) Message forwarding method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant