Method for unified network and service authentication based on ID-based cryptography

US11044084B2 · US · B2

Patent metadata

Publication number: US-11044084-B2
Application number: US-201916254205-A
Country: US
Kind code: B2
Filing date: Jan 22, 2019
Priority date: Jul 22, 2016
Publication date: Jun 22, 2021
Grant date: Jun 22, 2021

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

This disclosure relates to a unified authentication method for a device to authenticate an operator provider network and a service provider network based on Identity-Based Cryptography where each of the device, operator provider network and service provider network has a different private key and a same Global Public Key (GPK) issued by a public key generator, the unified authentication method comprising: the device, generating and transmitting an authentication data package to the operator provider network, in response to receiving the authentication data package, determining a type of authentication based on the Authentication Type; the element of the operator provider network, in response to determining the first type of authentication, generating and transmitting a first Authentication Response Message to the device and transmitting the authentication data package to the element of the service provider network based on the SP_ID.

First claim

Opening claim text (preview).

What is claimed is:

1. A unified authentication method for a device to authenticate a first provider network and a second provider network based on Identity-Based Cryptography where each of the device, the first provider network and the second provider network has a different private key and a same Global Public Key (GPK) issued by a public key generator, the unified authentication method comprising: generating and transmitting, by the device, an authentication data package to the first provider network, the authentication data package includes an Authentication Type (Auth. Type), the second provider network's ID (SP_ID), a first random number (RAND1), an identity of a device (Device_ID), and a signature of the device (Sig_De), wherein the device generates the RAND1, and wherein the device sends an authentication message to an Authentication Node (AN) of the first provider network that includes at least each of and is formatted in the order of Auth. Type, SP_ID, Device_ID, RAND1, and Sig_De, and wherein the Auth. Type comprises a first type wherein authentication involves an element of the first provider network and an element of the second provider network, a second type wherein authentication involves the element of the first provider network, and a third type wherein authentication involves the element of the second provider network; in response to receiving the authentication data package, determining, by the element of the first provider network, a type of authentication based on the Authentication Type; in response to determining the first type of authentication, generating and transmitting, by the element of the first provider network, a first Authentication Response Message to the device and transmitting the authentication data package to the element of the second provider network based on the SP_ID; and in response to receiving the authentication data package, generating and transmitting, by the element of the second provider network, a second Authentication Response Message to the device.

2. The unified authentication method according to claim 1, wherein the step of generating and transmitting, by the element of the first provider network, the first Authentication Response Message to the device comprises: verifying the Sig_De using the Device_ID and the GPK; and in response to verification being successful, generating a second random number (RAND2); and generating a first encrypted message (m1) containing the RAND2 using the Device_ID based on Identity Based Encryption (IBE); generating a signature (Sig_AN) using the secret key of the first provider network and a GPK; and transmitting the first Authentication Response Message to the device, wherein the first Authentication Response Message includes an identity of the first provider network (AN_ID), the RAND1, the m1, and the Sig_AN.

3. The unified authentication method according to claim 2 further comprising: the device, in response to receiving the first Authentication Response Message, performing the following steps: authenticating the first provider network by verifying the Sig_AN using AN_ID and the GPK; in response to authentication being successful, decrypting m1 with the secret key of the device to obtain the RAND2; deriving a first session key (K_com) using the pre-defined KDF with input parameters being the RAND1 and the RAND2; saving the first session key in the memory of the device; generating a first Message Authentication Code (MAC1) using a MAC generation function with the RAND2 and the K_com as the input; and transmitting MAC1 to the element of the first provider network.

4. The unified authentication method according to claim 3 further comprising: the element of the first provider network, in response to receiving the MAC1, performing the following steps: deriving the first session key (K_com) using a pre-defined Key Derivation Function (KDF) with input parameters being the RAND1 and the RAND2; generating a MAC using the same MAC generation function with the RAND2 and the K_com as the input; determining whether MAC1 is equal to MAC; and in response to MAC1 being equal to MAC, saving the K_com in a memory of the element of the first provider network.

5. The unified authentication method according to claim 4 wherein the step of generating and transmitting, by the element of the second provider network, the second Authentication Response Message to the device comprises: verifying the Sig_De using the Device_ID and the GPK; and in response to verification being successful, generating a third random number (RAND3); and generating a second encrypted message (m2) containing the RAND3 using the Device_ID based on Identity Based Encryption (IBE); generating a signature (Sig_SP) using the secret key of the second provider network and the GPK; and transmitting the second Authentication Response Message to the device, wherein the second Authentication Response Message includes an identity of the second provider network (SP_ID), the RAND1, the m2, and the Sig_SP.

6. The unified authentication method according to claim 5 further comprising: the device, in response to receiving the second Authentication Response Message, performing the following steps: authenticating the second provider network by verifying the Sig_SP using the SP_ID and the GPK; in response to authentication being successful, decrypting m2 with the secret key of the device to obtain the RAND3; deriving a second session key (K_ser) using the pre-defined KDF with input parameters being the RAND1 and the RAND3; saving the second session key in the memory of the device; generating a second Message Authentication Code (MAC2) using a MAC generation function with the RAND3 and the K_ser as the input; and transmitting the MAC2 to the element of the second provider network.

7. The unified authentication method according to claim 6 further comprising: the element of the second provider network, in response to receiving the MAC2, performing the following steps: deriving the second session key (K_ser) using the pre-defined Key Derivation Function (KDF) with input parameters being the RAND1 and the RAND3; generating a MAC using the same MAC generation function with the RAND3 and the K_ser as the input; determining whether MAC2 is equal to MAC; and in response to MAC2 being equal to MAC, saving the K_ser in a memory of the element of the second provider network.

8. The unified authentication method according to claim 1 further comprising: in response to determining the second type of authentication, generating and transmitting, by the element of the first provider network, a third Authentication Response Message to the device.

9. The unified authentication method according to claim 8 wherein the step of generating and transmitting, by the element of the first provider network, the third Authentication Response Message to the device comprises: verifying the Sig_De using the Device_ID and the GPK; and in response to verification being successful, generating a second random number (RAND2); generating a first encrypted message (m1) containing the RAND2 using the Device_ID based on Identity Based Encryption (IBE); generating a signature (Sig_AN) using the secret key of the first provider network and a GPK; and transmitting the third Authentication Response Message to the device, wherein the third Authentication Response Message includes an identity of the element of the first provider network (AN_ID), the RAND1, the m1, and the Sig_AN.

10. The unified authentication method according to claim 9 further comprising: the device, in response to receiving the third Authentication Response Message, performing the following steps: aut
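The exchange that claims 1 to 7 describe for the first type of authentication (device to AN; AN to the SP selected by SP_ID; two Authentication Response Messages carrying IBE-encrypted RAND2 and RAND3; session keys K_com and K_ser from KDF(RAND1, RANDn); MAC1/MAC2 key confirmation), together with the second- and third-type dispatch of claims 8 to 10, as an added Python simulation. This is not code from the patent or from its assignee. The Python standard library has no pairing-based IBE or identity-based signatures, so PKG, ib_sign/ib_verify and ibe_encrypt/ibe_decrypt are HMAC-based stand-ins in which the verifier or encryptor obtains the peer's key from the PKG; this keeps the message flow, the KDF inputs and the key confirmation as the claims state them, but does not reproduce the public verifiability of a real identity-based signature. The numeric Auth. Type values, the identities, the 16-byte random numbers, the length-prefixed field encoding, the class and function names, and the AN forwarding the package for the third type are all assumptions.

```python
import hashlib
import hmac
import secrets

AUTH_BOTH, AUTH_AN_ONLY, AUTH_SP_ONLY = 1, 2, 3  # claim 1's three types (numeric encoding assumed)

def encode(fields):  # length-prefixed encoding so signed and MACed field lists are unambiguous
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

class PKG:
    """Stand-in key generator: HMAC-derived per-identity secrets replace IBE/IBS keys."""
    def __init__(self):
        self.master = secrets.token_bytes(32)
    def extract(self, identity):
        return hmac.new(self.master, identity.encode(), hashlib.sha256).digest()

def ib_sign(sk, data):  # stand-in signature; also used as the MAC generation function
    return hmac.new(sk, data, hashlib.sha256).digest()

def ib_verify(pkg, identity, data, sig):
    # Stand-in: fetches the signer's key from the PKG; real IBS verifies from identity + GPK.
    return hmac.compare_digest(ib_sign(pkg.extract(identity), data), sig)

def ibe_encrypt(pkg, identity, plaintext):
    # Stand-in for IBE to an identity: one-time pad from HMAC(recipient key, nonce).
    nonce = secrets.token_bytes(16)
    pad = hmac.new(pkg.extract(identity), nonce, hashlib.sha256).digest()
    return nonce + bytes(a ^ b for a, b in zip(plaintext, pad))

def ibe_decrypt(sk, ciphertext):
    pad = hmac.new(sk, ciphertext[:16], hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ciphertext[16:], pad))

def kdf(rand_a, rand_b):  # the pre-defined KDF of claims 3 and 6: KDF(RAND1, RAND2 or RAND3)
    return hashlib.sha256(encode([b"KDF", rand_a, rand_b])).digest()

class Device:
    def __init__(self, pkg, device_id):
        self.pkg, self.id, self.sk = pkg, device_id, pkg.extract(device_id)
        self.rand1, self.session_keys = None, {}
    def auth_request(self, auth_type, sp_id):
        # Authentication data package, field order of claim 1: Auth. Type, SP_ID, Device_ID, RAND1, Sig_De
        self.rand1 = secrets.token_bytes(16)
        fields = [bytes([auth_type]), sp_id.encode(), self.id.encode(), self.rand1]
        return fields + [ib_sign(self.sk, encode(fields))]
    def auth_response(self, resp):
        # Authentication Response Message: peer ID, RAND1, m (IBE of RANDn), Sig_peer
        peer_id, rand1, m, sig = resp
        if not hmac.compare_digest(rand1, self.rand1):
            raise ValueError("RAND1 mismatch: stale or replayed response")
        if not ib_verify(self.pkg, peer_id.decode(), encode(resp[:3]), sig):
            raise ValueError("peer signature invalid")
        rand_peer = ibe_decrypt(self.sk, m)
        key = kdf(self.rand1, rand_peer)  # K_com for the AN, K_ser for the SP
        self.session_keys[peer_id.decode()] = key
        return [self.id.encode(), ib_sign(key, rand_peer)]  # MAC1 or MAC2

class NetworkElement:
    """AN when given a routing table of service providers, SP element otherwise."""
    def __init__(self, pkg, element_id, service_providers=None):
        self.pkg, self.id, self.sk = pkg, element_id, pkg.extract(element_id)
        self.sps, self.pending, self.session_keys = service_providers, {}, {}
    def handle_request(self, req):  # returns [(responding element, response message), ...]
        auth_type, sp_id, device_id, rand1, sig_de = req
        if not ib_verify(self.pkg, device_id.decode(), encode(req[:4]), sig_de):
            raise ValueError("Sig_De invalid")
        if self.sps is None:  # SP element: answers the forwarded package
            return [(self, self.respond(device_id, rand1))]
        out = []  # AN: dispatch on Auth. Type, route on SP_ID
        if auth_type[0] in (AUTH_BOTH, AUTH_AN_ONLY):
            out.append((self, self.respond(device_id, rand1)))
        if auth_type[0] in (AUTH_BOTH, AUTH_SP_ONLY):  # forwarding for the third type: assumption
            out += self.sps[sp_id.decode()].handle_request(req)
        return out
    def respond(self, device_id, rand1):
        rand_n = secrets.token_bytes(16)  # RAND2 or RAND3
        m = ibe_encrypt(self.pkg, device_id.decode(), rand_n)  # m1 or m2
        fields = [self.id.encode(), rand1, m]
        self.pending[device_id] = (rand1, rand_n)
        return fields + [ib_sign(self.sk, encode(fields))]  # Sig_AN or Sig_SP
    def handle_mac(self, msg):
        device_id, received = msg
        rand1, rand_n = self.pending.pop(device_id)
        key = kdf(rand1, rand_n)
        if not hmac.compare_digest(ib_sign(key, rand_n), received):
            raise ValueError("MAC mismatch: key confirmation failed")
        self.session_keys[device_id.decode()] = key
        return True

def run_unified_auth(device, an, auth_type, sp_id):
    # One run; returns the IDs of the elements that confirmed a shared session key.
    confirmed = []
    for element, resp in an.handle_request(device.auth_request(auth_type, sp_id)):
        element.handle_mac(device.auth_response(resp))
        if device.session_keys[element.id] == element.session_keys[device.id]:
            confirmed.append(element.id)
    return confirmed
```

With a PKG, an SP element, an AN holding `{sp_id: sp}` as its routing table and a Device all built over the same PKG, `run_unified_auth(dev, an, AUTH_BOTH, sp_id)` returns the IDs of both elements; the second and third types return only the AN or only the SP. Two checks on the device side are the ones a practitioner should look for: the echoed RAND1 is compared with the device's own before any signature work, so a response replayed from an earlier run is dropped, and MACs are compared with hmac.compare_digest rather than ==. The KDF takes exactly the inputs the claims list (RAND1 and RAND2 or RAND3); a deployment would normally also feed the peer identities into the derivation so that each session key is bound to the pair that authenticated.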

Assignees

Huawei Int Pte Ltd

Inventors

Classifications

  • involving digital signatures · CPC title

  • using certificates or pre-shared keys · CPC title

  • involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing · CPC title

  • Key generation or derivation · CPC title

  • H04L9/0861 · Primary

    Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11044084B2 cover?
This disclosure relates to a unified authentication method for a device to authenticate an operator provider network and a service provider network based on Identity-Based Cryptography where each of the device, operator provider network and service provider network has a different private key and a same Global Public Key (GPK) issued by a public key generator, the unified authentication method …
Who is the assignee on this patent?
Huawei Int Pte Ltd
What technology area does this patent fall under?
Primary CPC classification H04L9/0861. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 22, 2021 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).