With the wide distribution of hot spots, in order to facilitate users to access the network at anytime and anywhere, the current network technology has developed a convenient and fast hot spot sharing system and has been popularized in daily life. However, the convenience of the information society also hides network security dangers. The purpose of this paper is to study and analyze the security problems existing in current Wi-Fi sharing applications by designing two different network authentication programs. In this paper, ieeee802.1x protocol is used for wireless access, eap-tls and RADIUS bidirectional authentication mechanism to achieve the authentication of access users, and one-time password authentication technology is used in Fat AP networking mode. Aiming at the defects of S/KEY protocol, such as server impersonation and system crash, an authentication scheme combining DES and RSA algorithm is proposed and implemented. The authentication scheme in network mode retains the advantage of simple operation of static cryptography system. By adding uncertainties, the security of the authentication system can be improved. The encrypted information is used to encrypt the transmitted information to ensure the confidentiality of the information during transmission. After successful authentication, session key negotiation is completed to ensure the security of subsequent communication. This scheme has a success rate of more than 95% after the experiment, is simple in design, high in security, low in cost, and does not need the participation of the third party, which is very suitable for solving the problems of user authentication and communication confidentiality in the shared system.

随着热点的广泛分布，为了方便用户随时随地访问网络，当前的网络技术已经开发了一种方便快捷的热点共享系统，并且已经在日常生活中得到普及。但是，信息社会的便利性也隐藏着网络安全的危险。本文的目的是通过设计两个不同的网络身份验证程序来研究和分析当前Wi-Fi共享应用程序中存在的安全问题。本文采用ieeee802.1x协议进行无线访问，使用eap-tls和RADIUS双向认证机制来实现对访问用户的认证，并且在Fat AP组网模式下使用一次性密码认证技术。针对S / KEY协议的缺陷，例如服务器模拟和系统崩溃，提出并实现了一种结合DES和RSA算法的认证方案。网络模式下的认证方案保留了静态密码系统简单操作的优点。通过增加不确定性，可以提高认证系统的安全性。加密的信息用于加密传输的信息，以确保传输过程中信息的机密性。认证成功后，会话密钥协商完成，以确保后续通信的安全性。实验后该方案成功率超过95％，设计简单，安全性高，成本低，不需要第三方参与，非常适合解决用户认证问题。共享系统中的通信机密性。