No, I realize that (I was thinking that ssh-keygen could be used as a poor man's authentication for some use cases - basically share a secret between sender & receiver that can be used to ensure that the message has not been tampered with). One of the reasons that I haven't implemented authentication yet is that I want to better understand the differences and nuances of different methods and use cases before deciding on a method. Recommendations are welcome.
Get rid of the weird cipher cascade and replace it either with XAES-GCM or ChaPoly. Do some research into how to handle large ciphertexts with a chunking construction. Use a well-defined construction; don't invent your own.
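
One chunked AEAD construction of the kind the reply above recommends, as an added example that is not code from the thread or the project: a STREAM-style layout (the nonce scheme the age file format uses) in which each chunk's nonce carries a chunk counter and a final-chunk flag. It uses AES-256-GCM from the Go standard library as a stand-in for the XAES-GCM or ChaPoly named above; `NewAEAD`, `SealStream`, `OpenStream` and `chunkSize` are hypothetical names, and the key is assumed to be fresh for every stream.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
)
const chunkSize = 64 // demo value (assumption); file tools commonly use 64 KiB chunks

func NewAEAD(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key) // 32-byte key selects AES-256; one key per stream only
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// nonce = 11-byte big-endian chunk counter || 1-byte final-chunk flag.
func nonce(i uint64, last bool) []byte {
	n := make([]byte, 12)
	if binary.BigEndian.PutUint64(n[3:11], i); last {
		n[11] = 1
	}
	return n
}

// SealStream encrypts msg as separately authenticated chunks; the last one is flagged.
func SealStream(a cipher.AEAD, msg []byte) (out [][]byte) {
	for i := uint64(0); ; i++ {
		if len(msg) <= chunkSize {
			return append(out, a.Seal(nil, nonce(i, true), msg, nil))
		}
		out = append(out, a.Seal(nil, nonce(i, false), msg[:chunkSize], nil))
		msg = msg[chunkSize:]
	}
}

// OpenStream fails if any chunk was modified, reordered, dropped or appended.
func OpenStream(a cipher.AEAD, chunks [][]byte) (msg []byte, err error) {
	if len(chunks) == 0 {
		return nil, errors.New("empty stream: final chunk missing")
	}
	for i, c := range chunks {
		if msg, err = a.Open(msg, nonce(uint64(i), i == len(chunks)-1), c, nil); err != nil {
			return nil, err
		}
	}
	return msg, nil
}
```

Because the position and the final flag are bound into every nonce, truncating the stream makes the new last chunk fail authentication instead of yielding a shorter but valid plaintext.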