The method provided in the embodiments of this application includes: obtaining, by a server, a first key (Ksm) shared with a gateway; receiving, by the server, an encrypted first random factor (Rand-M-Encry), a first data digest (Data-Hash), and encrypted first data (Data-Encry) that are sent by a terminal; decrypting, by the server, the Rand-M-Encry by using the Ksm, to obtain a second random factor (Rand-M′); performing, by the server, an operation on the Rand-M′ and Kpsa-xi by using a second preset algorithm, to generate a third key (K′sx); decrypting, by the server, the Data-Encry by using the K′sx, to obtain second data (Data′); performing, by the server, an operation on the K′sx and the Data′ based on a first preset algorithm to obtain a second data digest (Data-Hash′); and if the Data-Hash′ is the same as the Data-Hash, determining, by the server, that authentication of the terminal succeeds.