As I have already stated, before any user can access the GSM system they must be authenticated as a valid user, and this authentication is done by use of the PIN on the SIM. The SIM stores the user's Individual Authentication Key Ki and the user identification IMSI, and uses the A3 algorithm for identification.
The authentication method used is challenge-response: the access control generates a random number RAND as a challenge, and the SIM within the MS has to answer with a signed response SRES. The AuC performs the basic generation of the RAND, signed response SRES, and cipher key Kc for each IMSI, then forwards this information to the HLR. The current VLR then requests the suitable values for the RAND, SRES and Kc from the HLR.
For authentication, the VLR sends the random value RAND to the SIM. Each side, the GSM network and the subscriber module, must perform the same operation with the RAND and the Ki. The MS sends back the SRES generated by the SIM, and the VLR can now compare both values. If the values produced by the SIM and the VLR match, the user is granted access to the GSM network; if they do not match, the subscriber is refused access to the network. This process is shown in Figure 16.
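
The exchange described above can be modelled end to end. The following is an added example, not code from the original text: the class names and sample IMSI/Ki are constructed, and because the text does not give the internals of A3 or of the Kc derivation, both are replaced here by HMAC-SHA256 stand-ins truncated to the GSM field sizes (32-bit SRES, 64-bit Kc).

```python
import hashlib
import hmac
import secrets

def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3 (assumption, not a real GSM algorithm): 32-bit SRES."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def derive_kc(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for the cipher-key derivation (assumption): 64-bit Kc."""
    return hmac.new(ki, b"Kc" + rand, hashlib.sha256).digest()[:8]

class AuC:
    """Holds Ki for each IMSI and generates (RAND, SRES, Kc) triplets."""
    def __init__(self, subscribers):
        self._ki = dict(subscribers)

    def triplet(self, imsi):
        ki = self._ki[imsi]
        rand = secrets.token_bytes(16)  # fresh 128-bit challenge per attempt
        return rand, a3_sres(ki, rand), derive_kc(ki, rand)

class SIM:
    """Stores IMSI and Ki; Ki is used internally and never returned."""
    def __init__(self, imsi, ki):
        self.imsi, self._ki = imsi, ki

    def respond(self, rand):
        return a3_sres(self._ki, rand), derive_kc(self._ki, rand)

class VLR:
    """Receives triplets (via the HLR in the text) and checks the SIM's answer."""
    def __init__(self, auc):
        self._auc = auc

    def authenticate(self, sim):
        rand, expected_sres, _kc = self._auc.triplet(sim.imsi)
        sres, _ = sim.respond(rand)  # only RAND goes out, only SRES comes back
        return hmac.compare_digest(sres, expected_sres)

def demo():
    imsi = "001010123456789"                                # constructed IMSI
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed Ki
    vlr = VLR(AuC({imsi: ki}))
    genuine = SIM(imsi, ki)
    wrong_key = SIM(imsi, bytes(16))  # same IMSI, but it does not hold the real Ki
    return vlr.authenticate(genuine), vlr.authenticate(wrong_key)

if __name__ == "__main__":
    print(demo())
```

The VLR never handles Ki: it only compares the SRES from the SIM with the one precomputed by the AuC, so a card presenting the right IMSI without the right Ki is refused.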