Abstract: A lightweight authentication scheme of WiFi environment is raised from the perspective of security and the load capacity mobile terminal according to the increasing serious of wireless network security. The new scheme is based on the challenge/response. The authentication of user to authentication server is realized by lightweight authentication. The authentication of authentication to user is realized by identity authentication based on public key encryption. Through the analysis of performance, the scheme is simple and the computation and storage of the client are reduced. What's more, the scheme can resist replay attack, network eavesdropping and posing as attack, which is suitable for the application to the WiFi environment with high security requirements.