Physical-layer authentication (PLA) mechanisms exploit signals exchanged at the physical layer of communication systems to confirm the sender of a received message. In this paper, we propose a novel challenge-response PLA (CR-PLA) mechanism for a cellular system that leverages the reconfigurability property of a reconfigurable intelligent surface (RIS) (under the control of the verifier) in an authentication mechanism. In CR-PLA, the verifier base station (BS) sets a random RIS configuration, which remains secret to the intruder, and then checks that the resulting estimated channel is modified correspondingly. In fact, for a message sent by an attacker in a different location than the legitimate user equipment (UE), the BS will estimate a different channel and the message will be rejected as fake. Such a solution reduces the communication and computational overhead with respect to higher-layer cryptographic authentication. We derive the maximum a-posteriori attack when the attacker observes a correlated channel and the reconfigurable intelligent surface (RIS) has many elements, and the attacker transmits to Bob either directly or through the RIS. Using a generalized likelihood ratio test to test the authenticity at the base station (BS), we derive approximate expressions of the false alarm and misdetection probabilities when both the BS and the UE have a single antenna each, while the RIS has a large number of elements. We also evaluate the trade-off between security and communication performance, since choosing a random RIS configuration reduces the data rate. Moreover, we investigate the impact of various parameters (e.g., the RIS randomness, the number of RIS elements, and the operating signal-to-noise ratio) on security and communication performance.