The population protocol model introduced by Angluin et al. in 2006 offers a theoretical framework for designing and analyzing distributed algorithms among resource-limited mobile agents. While the original population protocol model considers the concept of anonymity, the issue of privacy is not investigated thoroughly. However, there is a need for time- and space-efficient privacy-preserving techniques in the population protocol model if these algorithms are to be implemented in settings that handle sensitive data, such as sensor networks, IoT devices, and drones. In this work, we introduce several formal definitions of privacy, ranging from assuring only plausible deniability of the population input vector to a full information-theoretic guarantee that knowledge beyond an agent's own input and output has no influence on the probability of a particular input vector. We then apply these definitions to both existing and novel protocols. We show that the Remainder-computing protocol given by Delporte-Gallet et al. in 2007 (which is proven to satisfy output-independent privacy under adversarial scheduling) is not information-theoretically private under probabilistic scheduling. In contrast, we provide a new algorithm and demonstrate that it correctly and information-theoretically privately computes Remainder under probabilistic scheduling.
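As an added illustration of the model the abstract refers to (this is example code written here, not code from the paper, and it implements neither the Delporte-Gallet et al. protocol nor the new private protocol), the following Python simulates the textbook leader-merging population protocol for Remainder under probabilistic scheduling, where each step draws a uniformly random ordered pair of distinct agents. The `Agent` state layout, the simulator-side `stabilized` check and the recorded merge trace are this example's own choices and are assumptions, not notation from the paper.

```python
import random
from dataclasses import dataclass
from typing import List, Tuple


@dataclass
class Agent:
    value: int    # mass held in Z_m; only meaningful while holder is True
    holder: bool  # True until this agent's mass has been merged into another agent
    out: int      # the agent's current output: its belief of (sum of inputs) mod m


def init_population(inputs: List[int], m: int) -> List[Agent]:
    # Every agent starts as a holder of its own input, reduced mod m.
    return [Agent(x % m, True, x % m) for x in inputs]


def interact(a: Agent, b: Agent, m: int) -> None:
    """Transition applied when the scheduler picks the ordered pair (a, b).

    Two holders merge: the initiator keeps the combined mass, the responder
    becomes a non-holder, and both set their output to the merged value.
    A holder meeting a non-holder pushes its current belief to it.
    Two non-holders leave the configuration unchanged.
    """
    if a.holder and b.holder:
        merged = (a.value + b.value) % m
        a.value, a.out = merged, merged
        b.holder, b.value, b.out = False, 0, merged
    elif a.holder:
        b.out = a.out
    elif b.holder:
        a.out = b.out


def stabilized(pop: List[Agent]) -> bool:
    # Global check performed by the simulator, not by the agents: a merge never
    # removes the last holder, so exactly one holder eventually remains; once
    # every agent already reports that holder's value, no later interaction
    # can change any output, so the configuration is stable.
    holders = [a for a in pop if a.holder]
    return len(holders) == 1 and all(a.out == holders[0].value for a in pop)


def run_remainder(inputs: List[int], m: int, seed: int = 0,
                  max_steps: int = 1_000_000
                  ) -> Tuple[List[int], int, List[Tuple[int, int, int]]]:
    """Run the protocol under probabilistic (uniform random pair) scheduling.

    Returns the final outputs, the number of steps until stabilization, and
    the merge trace an observer of the whole schedule could record as
    (initiator index, responder index, merged value).
    """
    if len(inputs) < 2:
        raise ValueError("population protocols need at least two agents")
    rng = random.Random(seed)   # seeded so the run is reproducible
    pop = init_population(inputs, m)
    n = len(pop)
    trace: List[Tuple[int, int, int]] = []
    for step in range(1, max_steps + 1):
        i, j = rng.sample(range(n), 2)   # ordered pair (initiator, responder)
        both_holders = pop[i].holder and pop[j].holder
        interact(pop[i], pop[j], m)
        if both_holders:
            trace.append((i, j, pop[i].value))
        if stabilized(pop):
            return [a.out for a in pop], step, trace
    raise RuntimeError("did not stabilize within max_steps")


if __name__ == "__main__":
    # Constructed sample population: four agents with inputs 3, 5, 7, 1 and m = 4.
    outs, steps, trace = run_remainder([3, 5, 7, 1], 4, seed=1)
    print("outputs:", outs, "after", steps, "interactions")
    print("merge trace visible to a schedule observer:", trace)
```

The trace makes the privacy gap concrete: the very first merge exposes the sum of two agents' inputs mod m, so this textbook protocol offers none of the guarantees the abstract defines. It also shows why the scheduling model matters for an information-theoretic notion: under probabilistic scheduling the schedule itself is a random variable, so an observer's view of who interacted when, and what state resulted, has a well-defined distribution that a privacy definition must account for.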