Wireless Fidelity (Wi-Fi) is a widely applied wireless communications technology, has advantages of fast deployment, convenience for use, high-rate transmission, and the like, and is widely applied in various industries. Access points of Wi-Fi networks spread all over venues such as hotels, cafes, schools, and hospitals, or in other words, Wi-Fi exists everywhere in life.
Although Wi-Fi networks are increasingly popular, due to complex Wi-Fi network setup, an equipment vendor still needs to invest a lot of support costs to help a user to establish a Wi-Fi network and solve a problem in a use process. Among users who successfully set up wireless networks, still 60% to 70% of the users do not configure any security parameter, and therefore, the networks are vulnerable to attacks. To solve bewilderment of the users in using the wireless networks, the Wi-Fi Alliance releases a Wi-Fi security setup (Wi-Fi Protected Setup, WPS) specification, also referred to as a Wi-Fi Simple Configuration (WSC), which is intended to simplify an operation when a user sets up a wireless local area network (WLAN). Therefore, users who have little understanding about wireless setup and security may also set up a secure WLAN simply and conveniently, and may add a device to the network conveniently.
A scenario of a current WPS application includes: a terminal used as an enrollee and an access point (AP) used as a registrar in a WiFi network perform a credential configuration, so that subsequently the terminal and the AP can perform authentication based on the credential to establish a secure connection. Specifically, a device to be connected such as an AP provides information including a complete public key of the AP; after another device such as a terminal acquires the information of the complete public key of the AP by using an out-of-band channel (out of band) (namely, another channel than a Wi-Fi channel), namely, an out-of-band manner, the another device sends, to the AP, connection information that is encrypted by using the complete public key of the AP; the AP decrypts the connection information by using its own private key; and based on the connection information, the AP and the anther device complete a configuration and establish a secure network connection.
To ensure security of the network connection after the configuration and connection, the used public key must be long enough, with a length of about 192 bytes=1536 bits. Therefore, because the complete public key is included, information provided by the device to be connected becomes intensive and complex, and out-of-band channel bandwidths of two devices that need to be connected are limited; messages exchanged in the connection process are numerous and complex, or content of exchanged messages is excessively large, which may cause low connection efficiency and bring poor network connection experience to users.