In regards to a thread at the TrueCrypt forum.

(This is in reference to this thread at the TrueCrypt forums, in which I can no longer post.)

Ever so often, the reoccurring concerns of "which block cipher is the most secure" and "whether or not cascades should be used" arise. I thought I'd toss in the short answers to those questions, from my point of view. Before I do, I'll add that the long versions can be found in archived posts both here at Wilders and the forum over at TrueCrypt.

As for which block cipher to use -- use the AES. The reasoning is simple; it receives more cryptanalytical attention than any other block cipher, and it's underlying principles are based on research that jumps back over a decade and a half ago. We want to field primitives that have earned their bones, and Rijndael fits the bill quite well; in fact, it's leading the pack in that regard.

As for using cascades -- they're unnecessary. While an application may have implemented them correctly, in which case using them should be no problem, the implementation of cascades introduces complexities that aren't warranted. Why? Because cryptographic correctness and security isn't the problem; implementation correctness and security is, however.

In summation, use the AES alone; believe it or not, it's quite conservative, and it follows the good cryptographic practice of promoting design simplicity. While multiple encryption can enhance the functionality of particular applications, TrueCrypt isn't one of them.

We should be most concerned with the implementation, the users, and the interfacing between them; if failure occurs, those are places to look.