I think a clearer way to express the author's position is to consider the case where a feasible attack is discovered on (say) SHA1. If you consider the probabilities of attacks on SHA1 and Blowfish to be independent, then the author's scheme allows you to "hedge your bets", as in theory your algorithm is as strong as its strongest component, even if the strengths of its components change in the future due to new discoveries.

This line of reasoning assumes A) that the probabilities of attacks on the algorithms are independent, and B) that the algorithms in use do not substantially reduce their input entropy, both of which are potential attacks.

It does _NOT_, however, assume that the scheme be kept secret.