AS an open protocol that widely used in modern business, WAP provides mobile users with Internet services and value-added services. Through WAP mobile users can get the rich and tremendous internet resources handy. But there is some limitation when WAP protocols are transformed to the gateway by WTLS or SSL. In addition, the protocol only provide one-way authentication——the server can authenticate the clients, while the clients do not authenticate the server, which could cause some hidden trouble in information wiretapping.This paper will describe the basic theories and related techniques in current WAP protocol and present a non-unilateral authentication protocol of encrypted WAP. In this paper, a design and research of the non-unilateral authentication will be provided and the realization of this authentication will be showed up, which could improve the WAP security by encrypting the data with AES firstly before the data transferred to the WAP gateway and executing mutual-authentication. |