
The popular VeraCrypt encryption utility, as well as its precursor TrueCrypt, has the option to cascade multiple ciphers on top of each other, such as AES-Twofish-Serpent. It works by cascading three ciphers running in XTS mode. Potentially unnecessary security benefits aside, I am curious how this differs functionally from using a single instance of XTS with a block cipher defined as three cascaded ciphers. Each block cipher uses a different key, expanded from a 512-bit master key with a hash-based KDF.

The only thing I can think of is that the total keyspace would be less, as each XTS increases keyspace. What differences are there between the two schemes in terms of theoretical security or performance?

forest
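The two constructions being compared, written out side by side as an added illustration (not part of the original question and not VeraCrypt code). The toy Feistel cipher is a constructed stand-in for AES, Twofish and Serpent, the keys are constructed, and running the tweak through the cascade in the second scheme is an assumption about what the question intends.

```python
import hashlib

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_cipher(key: bytes):
    """Toy 4-round Feistel permutation on 16-byte blocks (stand-in cipher, NOT secure)."""
    def encrypt(block: bytes) -> bytes:
        left, right = block[:8], block[8:]
        for r in range(4):
            f = hashlib.sha256(key + bytes([r]) + right).digest()[:8]
            left, right = right, xor(left, f)
        return left + right
    return encrypt

def cascade(*ciphers):
    """Compose block ciphers: the output of each one feeds the next."""
    def encrypt(block: bytes) -> bytes:
        for c in ciphers:
            block = c(block)
        return block
    return encrypt

def mul_alpha(t: bytes) -> bytes:
    """Multiply a tweak by alpha in GF(2^128) (little-endian, reduction constant 0x87)."""
    n = int.from_bytes(t, "little") << 1
    return ((n & ((1 << 128) - 1)) ^ (0x87 if n >> 128 else 0)).to_bytes(16, "little")

def xts_encrypt(data_enc, tweak_enc, sector: int, data: bytes) -> bytes:
    """XTS over whole blocks: C_j = E(P_j ^ T_j) ^ T_j, with T_0 = E'(sector)."""
    t = tweak_enc(sector.to_bytes(16, "little"))
    out = b""
    for i in range(0, len(data), 16):
        out += xor(data_enc(xor(data[i:i + 16], t)), t)
        t = mul_alpha(t)
    return out

def cascade_of_xts(keys, sector: int, data: bytes) -> bytes:
    """Scheme 1: three complete XTS layers, each with its own (data, tweak) key pair."""
    for k_data, k_tweak in keys:
        data = xts_encrypt(toy_cipher(k_data), toy_cipher(k_tweak), sector, data)
    return data

def xts_of_cascade(keys, sector: int, data: bytes) -> bytes:
    """Scheme 2: one XTS layer whose block cipher is the three-cipher cascade."""
    data_enc = cascade(*(toy_cipher(kd) for kd, _ in keys))
    tweak_enc = cascade(*(toy_cipher(kt) for _, kt in keys))
    return xts_encrypt(data_enc, tweak_enc, sector, data)

# Constructed sample keys: three (data key, tweak key) pairs, 32 bytes each.
KEYS = [(bytes([i]) * 32, bytes([i + 8]) * 32) for i in range(3)]
```

In this sketch both schemes consume the same six subkeys and make three block-cipher calls per data block plus three per sector for the tweak, yet they produce different ciphertext: scheme 1 applies a separate tweak mask between every cipher layer, while scheme 2 applies one mask around the whole cascade.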

0 Answers