Almost certainly because of the inappropriately aggressive tone for what would otherwise be a nice clean clarification. I just said "split" and "combine", making it possible to believe I literally meant "put half the bits in each". That's so bad of an idea that I was sure no one would think I meant that. But I can see how I wasn't clear enough. An additional clarification is good info.
But the way it was posted is so inappropriately aggressive that I think people were downvoting based on tone alone.
>That's so bad of an idea that I was sure no one would think I meant that.
Not everyone who reads these HN threads is a cryptographer. It didn't raise serious red flags for me when you mentioned that. I figured it should be OK as long as you make the size of the key twice as large. Is that wrong?
The problem is that no commonly-used symmetric cipher has been studied nearly as heavily with larger keys. 128 bits for a symmetric cipher is enough for all practical purposes barring a cryptographic break, and it gives the best performance. Their constructions aren't so trivial that you can just extend the existing study to larger key sizes mechanically. Using larger key sizes basically means using new ciphers. Unstudied ciphers.
It's much more conservative on your novelty budget to use a well-studied 128-bit cipher along with a well-studied key derivation function. In cryptography, you really should be as conservative as possible with your novelty budget.