This work addresses the challenge of simultaneously achieving high utility, communication efficiency, and robustness against data poisoning attacks in distribution estimation under the shuffle model of differential privacy. The authors propose the Adaptive Segmented Shuffling (ASP) protocol, which employs a randomizer optimized via tight mutual information bounds and a recovery algorithm based on Expectation-Maximization with Adaptive Smoothing (EMAS). Operating in a single round of communication, ASP delivers highly accurate, low-overhead, and strongly robust distribution estimates. Notably, it is the first method in the pure shuffle model to unify high efficiency, minimal communication complexity, and strong robustness: it improves utility by an order of magnitude under small privacy budgets (ε), achieves the lowest known communication cost, and demonstrates over three times greater robustness than existing baselines.

Shuffler-based differential privacy (shuffle-DP) is a privacy paradigm providing high utility by involving a shuffler to permute noisy report from users. Existing shuffle-DP protocols mainly focus on the design of shuffler-based categorical frequency oracle (SCFO) for frequency estimation on categorical data. However, numerical data is a more prevalent type and many real-world applications depend on the estimation of data distribution with ordinal nature. In this paper, we study the distribution estimation under pure shuffle model, which is a prevalent shuffle-DP framework without strong security assumptions. We initially attempt to transplant existing SCFOs and the na\"ive distribution recovery technique to this task, and demonstrate that these baseline protocols cannot simultaneously achieve outstanding performance in three metrics: 1) utility, 2) message complexity; and 3) robustness to data poisoning attacks. Therefore, we further propose a novel single-message \textit{adaptive shuffler-based piecewise} (ASP) protocol with high utility and robustness. In ASP, we first develop a randomizer by parameter optimization using our proposed tighter bound of mutual information. We also design an \textit{Expectation Maximization with Adaptive Smoothing} (EMAS) algorithm to accurately recover distribution with enhanced robustness. To quantify robustness, we propose a new evaluation framework to examine robustness under different attack targets, enabling us to comprehensively understand the protocol resilience under various adversarial scenarios. Extensive experiments demonstrate that ASP outperforms baseline protocols in all three metrics. Especially under small $\epsilon$ values, ASP achieves an order of magnitude improvement in utility with minimal message complexity, and exhibits over threefold robustness compared to baseline methods.