diff --git a/crates/ruma-events/src/room_key_request.rs b/crates/ruma-events/src/room_key_request.rs
index 241a73ee..c87e4719 100644
--- a/crates/ruma-events/src/room_key_request.rs
+++ b/crates/ruma-events/src/room_key_request.rs
@@ -3,7 +3,7 @@
 //! [`m.room_key_request`]: https://spec.matrix.org/v1.1/client-server-api/#mroom_key_request
 
 use ruma_events_macros::EventContent;
-use ruma_identifiers::{DeviceId, EventEncryptionAlgorithm, RoomId};
+use ruma_identifiers::{DeviceId, EventEncryptionAlgorithm, RoomId, SecretRequestId};
 use ruma_serde::StringEnum;
 use serde::{Deserialize, Serialize};
 
@@ -29,7 +29,7 @@ pub struct ToDeviceRoomKeyRequestEventContent {
     ///
     /// If the key is requested multiple times, it should be reused. It should also reused
     /// in order to cancel a request.
-    pub request_id: String,
+    pub request_id: Box<SecretRequestId>,
 }
 
 impl ToDeviceRoomKeyRequestEventContent {
@@ -39,7 +39,7 @@ impl ToDeviceRoomKeyRequestEventContent {
         action: Action,
         body: Option<RequestedKeyInfo>,
         requesting_device_id: Box<DeviceId>,
-        request_id: String,
+        request_id: Box<SecretRequestId>,
     ) -> Self {
         Self { action, body, requesting_device_id, request_id }
     }
diff --git a/crates/ruma-events/src/secret/request.rs b/crates/ruma-events/src/secret/request.rs
index 96854dfa..18f4a8dc 100644
--- a/crates/ruma-events/src/secret/request.rs
+++ b/crates/ruma-events/src/secret/request.rs
@@ -5,7 +5,7 @@
 use std::convert::TryFrom;
 
 use ruma_events_macros::EventContent;
-use ruma_identifiers::DeviceId;
+use ruma_identifiers::{DeviceId, SecretRequestId};
 use ruma_serde::StringEnum;
 use serde::{ser::SerializeStruct, Deserialize, Serialize};
 
@@ -32,7 +32,7 @@ pub struct ToDeviceSecretRequestEventContent {
     ///
     /// If the secret is requested from multiple devices at the same time, the same ID may be used
     /// for every target. The same ID is also used in order to cancel a previous request.
-    pub request_id: String,
+    pub request_id: Box<SecretRequestId>,
 }
 
 impl ToDeviceSecretRequestEventContent {
@@ -41,7 +41,7 @@ impl ToDeviceSecretRequestEventContent {
     pub fn new(
         action: RequestAction,
         requesting_device_id: Box<DeviceId>,
-        request_id: String,
+        request_id: Box<SecretRequestId>,
     ) -> Self {
         Self { action, requesting_device_id, request_id }
     }
diff --git a/crates/ruma-events/src/secret/send.rs b/crates/ruma-events/src/secret/send.rs
index 3a26ebbb..6d7cb764 100644
--- a/crates/ruma-events/src/secret/send.rs
+++ b/crates/ruma-events/src/secret/send.rs
@@ -3,6 +3,7 @@
 //! [`m.secret.send`]: https://spec.matrix.org/v1.1/client-server-api/#msecretsend
 
 use ruma_events_macros::EventContent;
+use ruma_identifiers::SecretRequestId;
 use serde::{Deserialize, Serialize};
 
 /// The content of an `m.secret.send` event.
@@ -16,7 +17,7 @@ use serde::{Deserialize, Serialize};
 #[ruma_event(type = "m.secret.send", kind = ToDevice)]
 pub struct ToDeviceSecretSendEventContent {
     /// The ID of the request that this is a response to.
-    pub request_id: String,
+    pub request_id: Box<SecretRequestId>,
 
     /// The contents of the secret.
     pub secret: String,
@@ -24,7 +25,7 @@ pub struct ToDeviceSecretSendEventContent {
 
 impl ToDeviceSecretSendEventContent {
     /// Creates a new `SecretSendEventContent` with the given request ID and secret.
-    pub fn new(request_id: String, secret: String) -> Self {
+    pub fn new(request_id: Box<SecretRequestId>, secret: String) -> Self {
         Self { request_id, secret }
     }
 }
diff --git a/crates/ruma-identifiers/CHANGELOG.md b/crates/ruma-identifiers/CHANGELOG.md
index 0dfd413c..bf3a684b 100644
--- a/crates/ruma-identifiers/CHANGELOG.md
+++ b/crates/ruma-identifiers/CHANGELOG.md
@@ -14,6 +14,7 @@ Breaking changes:
 
 Improvements:
 
+* Add `TransactionId` and `SecretRequestId`
 * Add `host`, `port` and `is_ip_literal` methods to `ServerName`
 
 Bug fixes:
diff --git a/crates/ruma-identifiers/src/lib.rs b/crates/ruma-identifiers/src/lib.rs
index 1b839a83..cf13b8ef 100644
--- a/crates/ruma-identifiers/src/lib.rs
+++ b/crates/ruma-identifiers/src/lib.rs
@@ -38,6 +38,7 @@ pub use crate::{
     room_name::RoomName,
     room_or_room_alias_id::RoomOrAliasId,
     room_version_id::RoomVersionId,
+    secret_request_id::SecretRequestId,
     server_name::ServerName,
     session_id::SessionId,
     signatures::{DeviceSignatures, EntitySignatures, ServerSignatures, Signatures},
@@ -66,6 +67,7 @@ mod room_id;
 mod room_name;
 mod room_or_room_alias_id;
 mod room_version_id;
+mod secret_request_id;
 mod server_name;
 mod session_id;
 mod signatures;
diff --git a/crates/ruma-identifiers/src/secret_request_id.rs b/crates/ruma-identifiers/src/secret_request_id.rs
new file mode 100644
index 00000000..85e25865
--- /dev/null
+++ b/crates/ruma-identifiers/src/secret_request_id.rs
@@ -0,0 +1,22 @@
+/// A secret request ID.
+///
+/// You can create one from a string (using `.into()`) but the recommended way is to use
+/// `SecretRequestId::new()` to generate a random one. If that function is not available for you,
+/// you need to activate this crate's `rand` Cargo feature.
+#[repr(transparent)]
+#[derive(PartialEq, Eq, PartialOrd, Ord, Hash)]
+pub struct SecretRequestId(str);
+
+impl SecretRequestId {
+    /// Creates a random secret request ID.
+    ///
+    /// This will currently be a UUID without hyphens, but no guarantees are made about the
+    /// structure of transaction IDs generated from this function.
+    #[cfg(feature = "rand")]
+    pub fn new() -> Box<Self> {
+        let id = uuid::Uuid::new_v4();
+        Self::from_owned(id.to_simple().to_string().into_boxed_str())
+    }
+}
+
+opaque_identifier!(SecretRequestId);
diff --git a/crates/ruma/src/lib.rs b/crates/ruma/src/lib.rs
index 14504230..3f4de6ed 100644
--- a/crates/ruma/src/lib.rs
+++ b/crates/ruma/src/lib.rs
@@ -85,9 +85,9 @@ pub use ruma_identifiers::{
     device_id, device_key_id, event_id, mxc_uri, room_alias_id, room_id, room_version_id,
     server_name, server_signing_key_id, user_id, ClientSecret, DeviceId, DeviceKeyAlgorithm,
     DeviceKeyId, DeviceSignatures, DeviceSigningKeyId, EntitySignatures, EventEncryptionAlgorithm,
-    EventId, KeyId, KeyName, MxcUri, RoomAliasId, RoomId, RoomOrAliasId, RoomVersionId, ServerName,
-    ServerSignatures, ServerSigningKeyId, SessionId, Signatures, SigningKeyAlgorithm,
-    TransactionId, UserId,
+    EventId, KeyId, KeyName, MxcUri, RoomAliasId, RoomId, RoomOrAliasId, RoomVersionId,
+    SecretRequestId, ServerName, ServerSignatures, ServerSigningKeyId, SessionId, Signatures,
+    SigningKeyAlgorithm, TransactionId, UserId,
 };
 
 #[cfg(feature = "client")]