How is authentication implemented in GSM?

A.
Using public key cryptography

B.
It is not implemented in GSM

C.
Using secret key cryptography

D.
Out-of-band verification

Explanation:
Authentication is effected in GSM through the use of a common secret key, Ks, that is stored in the
network operator’s Authentication Center (AuC) and in the subscriber’s SIM card. The SIM card may
be in the subscriber’s laptop, and the subscriber is not privy to Ks. To begin the authentication
exchange, the home location of the subscriber’s mobile station, (MS), generates a 128-bit random
number (RAND) and sends it to the MS. Using an algorithm that is known to both the AuC and MS,
the RAND is encrypted by both parties using the secret key, Ks. The ciphertext generated at the MS is
then sent to the AuC and compared with the ciphertext generated by the Auc. If the two results
match, the MS is authenticated and the access request is granted. If they do not match, the access
request is denied. The other answers are, therefore, incorrect.