So this adds that in - suggesting that the risk is probably acceptable for all situations other than the most risk averse that also have high numbers of member files in the ZIP. It doesn't put any figure or formulas in - I think people are going to have to investigate and make their own judgement calls. Essentially I think we want enough information for people to either:
"Oh - we are risk adverse, we need to look into this further"
"We are happy with a bit of risk - we're good"
Also - this removes the "as most other ZIP writer do" part when referring ot encrypting files with the same password. It I think it's borderline defensive, and not really that helpful here, and slightly muddies the message on risk and high numbers of files. Keeping the focus on what stream-zip does to really keep the most important information. If people want to investigate other ZIP writers, they can.
https://crypto.stackexchange.com/questions/109293/keystream-reuse-in-aes-256-in-ae-2-encrypted-zips (which is my own question and answer) describes how the chance of leakage due to high number of member file in a ZIP is really low for AES-256.
So this adds that in - suggesting that the risk is probably acceptable for all situations other than the most risk averse that also have high numbers of member files in the ZIP. It doesn't put any figure or formulas in - I think people are going to have to investigate and make their own judgement calls. Essentially I think we want enough information for people to either:
Also - this removes the "as most other ZIP writer do" part when referring ot encrypting files with the same password. It I think it's borderline defensive, and not really that helpful here, and slightly muddies the message on risk and high numbers of files. Keeping the focus on what stream-zip does to really keep the most important information. If people want to investigate other ZIP writers, they can.