The key generation algorithm used in the GSM system is known as the A8 algorithm.
Most GSM network operators utilize the a version of the COMP128 algorithm as the implementation of the A8 algorithm.
A8’s task is to generate the 64-bit Session Key (Kc), from the 128-bit random challenge (RAND) received from the Mobile Services Switching Center (MSC) and from the 128-bit Individual Subscriber Authentication Key (Ki) from the Mobile Station’s Subscriber Identity Module (SIM) or the Home Location Register (HLR).
One Session Key (Kc) is used until the MSC decides to authenticate the MS again. This might take days.
A8 actually generates 128 bits of output. The last 54 bits of those 128 bits form the Session Key (Kc). Ten zero-bits are appended to this key before it is given as input to the A5 algorithm.
The A8 algorithm is implemented in the Subscriber Identity Module (SIM).
