Shared, dynamic network infrastructures, such as dual-use LEO satellite constellations, pose critical threats to metadata privacy, particularly for state actors operating in mixed-trust environments. This work proposes an enhanced anonymity architecture, evolving the Loopix mix-network, to provide robust security and reliability in these volatile topologies. We introduce three primary contributions: (1) A multi-path transport protocol utilizing $(n, k)$ erasure codes, which is demonstrated to counteract the high link volatility and intermittent connectivity that renders standard mix-networks unreliable. (2) The integration of a computationally efficient Private Information Retrieval (PIR) protocol during route discovery. (3) The introduction of adaptive, centrality-based delay strategies that efficiently mitigate the inherent topological bias of LEO networks, providing a superior anonymity-to-latency trade-off. This mechanism provably prevents metadata leakage at the user-provider directory, mitigating profiling and correlation attacks. We validate this architecture via high-fidelity, packet-level simulations of a LEO constellation. Empirical results show our multi-path transport achieves near-zero message loss, establishing a quantifiable trade-off between reliability and bandwidth overhead. Furthermore, microbenchmarks of the PIR protocol quantify its computational and latency overheads, confirming its feasibility for practical deployment. This work provides a validated blueprint for deployable high-anonymity communication systems, demonstrating the viability of securely multiplexing sensitive operations within large-scale commercial network infrastructures.

翻译：共享的动态网络基础设施，如军民两用的低地球轨道卫星星座，对元数据隐私构成了严重威胁，尤其是在混合信任环境中运行的国家行为体。本研究提出了一种增强型匿名架构，通过改进Loopix混合网络，以在这些动态拓扑中提供强大的安全性和可靠性。我们引入了三项主要贡献：(1) 一种利用$(n, k)$擦除码的多路径传输协议，该协议被证明能够应对高链路波动性和间歇性连接问题，而这些问题会导致标准混合网络不可靠。(2) 在路由发现阶段集成了一种计算高效的私有信息检索协议。(3) 引入了基于中心性的自适应延迟策略，有效缓解了低地球轨道网络固有的拓扑偏差，提供了更优的匿名性与延迟权衡。该机制可证明防止用户-提供商目录处的元数据泄露，从而减轻侧写和关联攻击。我们通过对低地球轨道星座进行高保真、数据包级别的仿真来验证该架构。实证结果表明，我们的多路径传输实现了接近零的消息丢失，建立了可靠性与带宽开销之间的可量化权衡。此外，对私有信息检索协议的微基准测试量化了其计算和延迟开销，证实了其在实际部署中的可行性。本研究为可部署的高匿名性通信系统提供了一个经过验证的蓝图，证明了在大型商业网络基础设施中安全复用敏感操作的可行性。