The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a "shared key"-based authentication procedure. The method also involves selecting an option from the set. In the event that the "shared-key"-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface.