Secure Randomized Identification (SRI)

Updated 25 December 2025

Secure Randomized Identification (SRI) is a cryptographic framework that defines protocols for reliable user and data identification with robust security and privacy guarantees.
It employs layered random binning and information-theoretic coding strategies to balance high authentication performance with minimal information leakage.
SRI is applied in biometric systems, massive random access networks, and quantum communications to optimize secure authentication even in noisy channels.

Secure Randomized Identification (SRI) refers to a general information-theoretic and cryptographic framework for user or data identification protocols that combine randomization, security/robustness guarantees, and—in various settings—privacy against adversarial inference. SRI underpins a range of mechanisms, from large-scale authentication in communication systems and privacy-preserving biometric identification, to secure identification over noisy and molecular channels, and quantum-limited protocols. This article presents the core models, analytical tradeoffs, coding strategies, capacity results, utilized primitives, and typical applications of Secure Randomized Identification.

1. Foundational Models and Definitions

SRI formalizes the task where, given a dataset (e.g., biometrics, secret keys, random codewords) or a channel output, a verifier must reliably identify an entity (user/event) with strong security constraints—often in the presence of an active adversary with partial knowledge or noisy observations.

The canonical SRI model, e.g., (Kittichokechai et al., 2015), consists of:

Enrollment: Each user $w$ generates an i.i.d. source sample $X^n(w)\sim \prod P_X$ . An (possibly randomized) encoder produces two outputs: a public message $M(w)$ (a compressed template) and a secret key $S(w)$ .
Identification/Authentication: Upon a query $Y^n$ (measure or channel output correlated to $X^n(W)$ ), the system seeks to produce both an estimated user $\hat{W}$ and secret $\hat{S}$ . Successful authentication requires $(\hat{W},\hat{S})=(W,S(W))$ .
Adversary: The attacker observes all $M(w)$ and obtains side information $Z^n$ (correlated with $X^n(W)$ ).
Security/Privacy Constraints: Information leakage about $X^n(w)$ and $S(w)$ must be small in a precise sense (e.g., mutual information vanishing per sample).

Formally, the achievable region is specified in terms of rates (identification $R_I$ , compression $R_C$ , leakage $L$ , secret-key $R_S$ ) and error exponents (false acceptance $E_{FA}$ ), with single-letter characterizations for optimality.

2. Coding Strategies and Achievability—Layered Random Binning

The optimal SRI strategy for discrete memoryless sources involves layered random binning as detailed in (Kittichokechai et al., 2015):

First Layer: Generate $2^{n I(X;U)}$ $u^n$ sequences, bin them into $2^{n[R_I + I(X;U|Y)]}$ groups (indexed by $M^{(1)}$ ).
Second Layer: For each $u^n$ , generate $2^{n I(X;V|U)}$ $v^n$ , bin into $2^{n I(X;V|U,Y)}$ groups (indexed by $M^{(2)}$ ). Each group is further sub-binned; the sub-bin index serves as the secret key $S(w)$ .
Identification: The decoder, with all $M(w)$ and $Y^n$ , searches for matching $(u^n,v^n)$ typical with $Y^n$ .
Security: The layered binning structure ensures both low information leakage (privacy) and high resilience against false acceptances and impersonation (security), enforced via the Markov structure $U-V-X-(Y,Z)$ .

The achievable rate region is:

$\begin{align*} R_I &\leq I(Y;U) \ R_C &\geq R_I + I(X;V|Y) \ L &\geq I(X;V,Y) - I(X;Y|U) + I(X;Z|U) \ R_S &\leq I(V;Y|U) - I(V;Z|U) \ E_{FA} &\leq I(V;Y|U) - I(V;Z|U) \end{align*}$

where the optimization is over $P_{X}P_{Y,Z|X}P_{V|X}P_{U|V}$ and the stated cardinality constraints.

3. Secure Randomized Identification on Channels

3.1 Gaussian and Poisson Channels

SRI extends to information-theoretic settings where identification is performed over noisy communication channels:

Gaussian Wiretap Channel (GWC): The SRI capacity equals the main channel's Shannon capacity $C(g,P)=\frac{1}{2}\log(1+P/\sigma^2)$ whenever the secrecy capacity $C_S = \frac{1}{2}\log\frac{1+P/\sigma^2}{1+P/\sigma'^2} > 0$ ; otherwise, SRI capacity is zero, reflecting a "dichotomy" (Labidi et al., 2020).
Poisson Channel: For both classical and secure identification, the identification capacity matches the channel transmission capacity provided Bob's mutual information exceeds Eve's. The code construction concatenates a transmission code and a wiretap code, achieving doubly exponential codebook growth in blocklength— $N \sim \exp(2^{n C_{tx}})$ (Labidi et al., 18 Dec 2025).

3.2 Protocol Construction

Identification codes deploy two-layer randomness: a secure transmission code for "color" indices and a reliable code for identity coloring. Decoders operate by checking functionally-defined membership; eavesdropper advantage is limited by pushing total-variation distance between output measures under different identities to zero.

In MIMO Gaussian channels, SRI capacity is established by channel diagonalization (SVD), reduction to parallel SISO channels, and water-filling, achieving capacity equal to the classical MIMO Shannon capacity (Labidi et al., 2020).

4. Cryptographic and Privacy-Preserving SRI

4.1 Message Authentication Codes in Massive Random Access

In massive unsourced random access (U-RA) settings, classical user addressing is infeasible. SRI is achieved by appending a short message authentication code (MAC) to each user's payload. Each user computes $m_i = h(d_i, k_i, b)$ , where $k_i$ is a secret key and $b$ is a public nonce, and transmits $w_i = [d_i||m_i]$ . At the receiver (BS), the authentication test checks whether $h(\hat{d}_j,k_i,b)=\hat{m}_j$ for any $i$ .

The collision and mis-authentication probabilities are determined by $L$ (the MAC length): choosing $L=32$ bits yields collision probability $p=2^{-32}$ and contains the cryptographic error well below typical physical-layer error floors, even in large- $N$ regimes (up to $10^5$ users) (Kotaba et al., 2021).

4.2 Privacy-Preserving Biometric SRI

For biometric identification, privacy-preserving SRI is realized by:

Obfuscating Hamming distances using substring collision counts and randomized one-bit variants;
Concealing indices in randomized Montgomery domains via nested multiplicative mappings, ensuring negligible mutual information leakage;
Deploying privacy-utility controls via collision interval width, enabling detection probabilities exceeding 96% on realistic datasets at negligible computational cost compared to Paillier or hash-based schemes (Wang et al., 2017).

A three-party protocol (User, Data Owner, Server) is used for key generation, enrollment, index construction, and querying, employing layered Montgomery signatures for security.

5. SRI in Quantum and Physical-Layer Cryptography

Within the isolated qubits model (IQM), SRI is constructed from string randomized oblivious transfer (ROOT) and its one-out-of- $k$ generalizations (Vogiatzian, 2015):

The ROOT primitive supports identification by delivering random strings to Alice and the selected string to Bob, ensuring sender–receiver privacy via $r$ -wise independent hashing and efficient error-correcting codes.
Interactive protocols for password-based identification leverage ROT and pairwise-independent hashing, achieving negligible error and soundness without entanglement.
Non-interactive SRI protocols are shown to be impossible even when ROT is available, due to adversarial control over OT messages in the absence of Bob→Alice interaction.

Security is quantified via trace distance to the ideal functionality, and composability is guaranteed under the measure-at-end (LOCC only) restriction.

6. Trade-Offs, Capacity Regions, and System Design Implications

The SRI framework, across all modalities, is characterized by sharp operational trade-offs:

In source-based SRI (biometrics, key-based systems), the maximal achievable secret-key rate coincides with the exponent of the maximum false acceptance probability, $R_S=E_{FA}=\max_{U,V}[I(V;Y|U)-I(V;Z|U)]$ , under the same privacy and compression constraints (Kittichokechai et al., 2015).
In channel-based SRI (Gaussian, Poisson), positive SRI capacity is achievable if and only if the legitimate receiver's channel is strictly better than the adversary's (main/strong secrecy dichotomies).
In U-RA and privacy-preserving index schemes, parameter selection (MAC length, substring partitioning) calibrates the trade-off between throughput, false acceptance, computational cost, and privacy leakage.

The table below summarizes capacity/metric relations in representative SRI settings:

Setting	Identification Rate	Security Constraint	Achieves When
Source/SI SRI (Kittichokechai et al., 2015)	$R_I \leq I(Y;U)$	$L \to 0$ , $R_S \leq I(V;Y\|U)-I(V;Z\|U)$	Markov $U-V-X-(Y,Z)$
Gaussian/Pois. Ch. (Labidi et al., 2020, Labidi et al., 18 Dec 2025)	$R = \lim \frac{1}{n}\log\log N(n,\lambda)$	$C_S>0$	$I(X;Y)>I(X;Z)$
U-RA + MAC (Kotaba et al., 2021)	$B=nR$ (bits/slot)	$p_{s_\text{auth}} \approx (1-p)^{N+K-2}$	Sufficiently large $L$
Montgomery SRI (Wang et al., 2017)	--	$I(X;\Gamma_1,\Gamma_2)\to 0$	Large $c_R$ , $c_N$

7. Applications and Practical Impact

Secure Randomized Identification protocols have been adopted in:

Biometric access control with provable privacy guarantees, enabling resilience to adversarial template analysis.
Massive connectivity scenarios (5G/6G, IoT) where explicit addressing is infeasible; SRI permits high spectral efficiency and low authentication error in unsourced communication paradigms.
Energy-limited event detection (e.g., molecular communication, IoBNT) where SRI supports detection of an exponentially large set of triggers with stringent energy and privacy constraints.
Quantum-limited and low-trust cryptographic infrastructures where only single-qubit operations are available.
MIMO systems, leveraging separation of identification coding and signal processing for scalable secure ultra-reliable access.

SRI's unifying principle is the deployment of carefully structured, randomized encoding and decoding mechanisms that saturate the information-theoretic limits for secure identification, leveraging both statistical compression and cryptographic obfuscation—subject to explicit, quantified performance and privacy guarantees.