This is a great point. If layering encryption really does introduce new attacks, that suggests encrypting single-layer ciphertext could allow you to perform that layered-ciphertext attack anyways. So I find myself skeptical of chowells' claim here.
I'm no expert here, but if I understand Wikipedia correctly:
* Be sure to use distinct keys and IVs for each individual layer.
* Be aware that encrypting ciphertext could lead to a known-plaintext attack on the outer cipher, if the inner ciphertext starts in a standard way (file header etc.)
Here's Wikipedia: https://en.wikipedia.org/wiki/Multiple_encryption
I'm no expert here, but if I understand Wikipedia correctly:
* Be sure to use distinct keys and IVs for each individual layer.
* Be aware that encrypting ciphertext could lead to a known-plaintext attack on the outer cipher, if the inner ciphertext starts in a standard way (file header etc.)