Research

Decentralized, Reliable, and Efficient AI Management Research & Development Unit (DREAM)

KEYWORDS

  • deep learning
  • artificial intelligence
  • cyber security
  • computing infrastructure
  • retrieval-augmented generation

Development of a Privacy-Preserving and Trustworthy AI Infrastructure and Advancement of Federated Learning Technologies

We aim to realize a safe, reliable, and sustainable AI society in future cities by conducting research on foundational technologies that integrate deep learning, machine learning, cryptography, and distributed identification technologies. We are designing secure computing and communication infrastructure to support next-generation technologies such as federated learning and generative AI, with a view to implementing these technologies in various fields such as healthcare, education, and urban services.

Research Introduction

Unit Mission and Objectives

This research unit aims to design, implement, and evaluate secure and scalable AI infrastructure by integrating foundational technologies such as federated learning, homomorphic encryption, and decentralized identifiers (DID).
Our core research areas include the design of secure communication protocols that allow collaborative model training without data sharing, privacy-preserving model aggregation using encrypted computations, and high-performance distributed inference on GPU clusters. We also explore applications in high-privacy domains such as medical imaging, while prioritizing infrastructure-level trust and technical feasibility.

Theme 1: Secure Federated Learning Protocols with DID-Based Authentication

Role & Purpose

In multi-institutional federated learning, ensuring the authenticity of participants and the integrity of communication is essential. This study designs and implements a secure federated learning protocol using decentralized identifiers (DIDs).

Research Items

  • DID-based identifier generation, key management, and blockchain registration
  • Onboarding processes and secure communication procedures

Key Features

DIDs enable decentralized, verifiable identity management for each participant node, tied to public keys. Model updates (e.g., gradients) are stored in encrypted form off-chain, while only metadata is recorded on-chain.
This architecture enhances tamper-resistance and enables scalable integration of secure participants in federated learning environments.
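The on-chain/off-chain split described above, as an added sketch that is not this unit's code: the ledger holds only onboarded DIDs and a digest per round, while the encrypted update lives in a content-addressed store. The `Ledger` class, the function names and the `did:example:` identifiers are hypothetical, and signature verification against the DID's public key is assumed to happen before `announce` is reached.

```python
import hashlib

class Ledger:
    """Stand-in for the on-chain side: onboarded DIDs and per-round metadata."""
    def __init__(self):
        self.registered = set()
        self.records = {}  # (did, round) -> SHA-256 hex digest of the encrypted update

    def onboard(self, did):
        self.registered.add(did)

    def announce(self, did, rnd, digest):
        if did not in self.registered:
            raise PermissionError("DID not onboarded")
        if (did, rnd) in self.records:
            raise ValueError("duplicate submission for this round")
        self.records[(did, rnd)] = digest

def publish(ledger, store, did, rnd, encrypted_update):
    """Participant side: record only the digest on-chain, keep the ciphertext off-chain."""
    digest = hashlib.sha256(encrypted_update).hexdigest()
    ledger.announce(did, rnd, digest)  # rejected submissions never reach the store
    store[digest] = encrypted_update
    return digest

def fetch_verified(ledger, store, did, rnd):
    """Aggregator side: return the ciphertext only if it matches the on-chain digest."""
    digest = ledger.records.get((did, rnd))
    if digest is None:
        return None
    blob = store.get(digest)
    if blob is None or hashlib.sha256(blob).hexdigest() != digest:
        return None  # missing or modified off-chain object
    return blob
```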

Theme 2: Privacy-Preserving AI Training Infrastructure Using Homomorphic Encryption

Role & Purpose

Homomorphic encryption (HE) enables computations on encrypted data, making it ideal for privacy-sensitive federated learning. This research implements and evaluates a CKKS-based encrypted model aggregation engine.

Research Items

  • Theoretical analysis of CKKS (RLWE, encoding, rescaling)
  • Implementation and optimization using the TenSEAL library
  • Evaluation of runtime cost, accuracy degradation, and rescaling overhead

Key Features

The CKKS scheme supports approximate arithmetic on real-valued encrypted vectors. We implemented encryption, computation, and decryption workflows using TenSEAL, and measured runtime, memory consumption, and accuracy loss for various matrix sizes and encryption depths.
Trade-offs between precision and performance were evaluated through tuning of bootstrapping and rescaling operations.
Future work includes comparison with TFHE and CKKS-SIMD, and potential deployment on HE-accelerated hardware.

Theme 3: Quantitative Evaluation of Gradient Leakage and Defense Techniques

Role & Purpose

Model gradients in federated learning may leak private data via gradient inversion attacks. This research conducts reconstruction experiments on real datasets, including medical images, and quantitatively evaluates the risk.

Research Items

  • Implementation of gradient inversion algorithms for image reconstruction
  • Quantitative evaluation using SSIM, PSNR, and MSE
  • Investigation of defenses including gradient obfuscation and sparsification

Key Features

Using ResNet-based models, gradient inversion was applied to reconstruct input images. Cases with SSIM > 0.6 were observed, demonstrating realistic risk under specific conditions (e.g., initialization seeds, noise levels).
We also analyzed the effectiveness of mitigation techniques such as gradient sparsification and noise injection, which showed substantial improvement in privacy robustness.
Future directions include combining with homomorphic encryption and differential privacy for multi-layered protection.
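The two mitigations named above, as an added example that is not code from this research unit: each update is clipped, perturbed with Gaussian noise, and reduced to its top-k entries, and the distortion is reported as MSE against the clipped gradient for several keep ratios. The ordering of the steps, the parameter values and the sample gradient are assumptions constructed for illustration.

```python
import math
import random

def clip_l2(grad, max_norm):
    """Scale grad so its L2 norm is at most max_norm (bounds each client's influence)."""
    norm = math.sqrt(sum(g * g for g in grad))
    scale = min(1.0, max_norm / norm) if norm > 0 else 1.0
    return [g * scale for g in grad]

def sparsify_top_k(grad, keep_ratio):
    """Keep the largest-magnitude fraction of entries and zero the rest."""
    k = max(1, int(len(grad) * keep_ratio))
    order = sorted(range(len(grad)), key=lambda i: abs(grad[i]), reverse=True)
    keep = set(order[:k])
    return [g if i in keep else 0.0 for i, g in enumerate(grad)]

def release_update(grad, keep_ratio, max_norm=1.0, sigma=0.01, seed=7):
    """Assumed ordering: clip, add Gaussian noise, then sparsify what is sent."""
    rng = random.Random(seed)
    noisy = [g + rng.gauss(0.0, sigma) for g in clip_l2(grad, max_norm)]
    return sparsify_top_k(noisy, keep_ratio)

def mse(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) / len(a)

def tradeoff(grad, keep_ratios, max_norm=1.0, sigma=0.01, seed=7):
    """Rows of (keep_ratio, nonzero entries sent, MSE against the clipped gradient)."""
    ref = clip_l2(grad, max_norm)
    rows = []
    for ratio in keep_ratios:
        sent = release_update(grad, ratio, max_norm, sigma, seed)
        rows.append((ratio, sum(1 for v in sent if v != 0.0), mse(ref, sent)))
    return rows

# Constructed sample: 200 pseudo-random values standing in for a flattened gradient.
_sample_rng = random.Random(1)
SAMPLE_GRAD = [_sample_rng.gauss(0.0, 1.0) for _ in range(200)]

if __name__ == "__main__":
    for ratio, sent, err in tradeoff(SAMPLE_GRAD, [1.0, 0.5, 0.1]):
        print(f"keep={ratio:.1f} sent={sent:3d} mse={err:.6f}")
```

The MSE here measures how far the released update is from the clipped gradient, which is the utility cost of the defense; it is not the image-reconstruction MSE used to score an inversion attempt.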

Theme 4: Scalable Distributed AI Inference Framework with LLM and RAG

Role & Purpose

Large-scale knowledge integration and generation via Retrieval-Augmented Generation (RAG) require scalable computational backends.
This study builds a reliable RAG inference framework using GPU clusters and distributed storage technologies.

Research Items

  • Partitioning and inference optimization for large models (e.g., ResNet152, LLaMA)
  • Separation of compute and storage using NVMe-over-TCP and RoCE
  • Construction of academic RAG systems with vector search and LLMs

Key Features

We evaluated GPU memory usage and inference latency under varying token lengths and database sizes. Even with long sequences, memory remained stable while retrieval latency increased linearly.
Model partitioning reduced GPU load and enabled parallel processing across nodes.
Applications include scientific research assistance, medical document explanation, and legal document summarization.
