The Extensible Authentication Protocol – Transport Layer Security (EAP-TLS) protocol is combined with Direct Anonymous Attestation (DAA), simplifying the mutual certificate exchange and authentication between users and servers in EAP-TLS, removing redundant steps, and merging the EAP-TLS handshake with the DAA anonymous authentication process. A Trusted Platform Module (TPM) is introduced into Wireless Local Area Networks (WLAN) to achieve anonymous authentication of user identity. This relieves the certificate management burden of the EAP-TLS protocol, introduces no efficiency bottleneck, and raises the level of security above that of EAP-TLS, effectively resisting security threats such as replay attacks, man-in-the-middle attacks and Denial of Service (DoS) attacks.
By combining the EAP-TLS protocol of 802.1X with the DAA scheme from trusted computing, the mutual certificate exchange and authentication between clients and servers in EAP-TLS can be simplified, redundant steps removed, and the EAP-TLS handshake integrated with the anonymous authentication process of DAA. A TPM is introduced into the WLAN to realize anonymous authentication. The certificate management burden of the original EAP-TLS is reduced, and no efficiency bottleneck remains. The new protocol is more secure than the original EAP-TLS protocol and can effectively resist security threats such as replay attacks, man-in-the-middle attacks and DoS attacks.