Software developers are usually told “never write your own password”. There must be enough cases of actual damage caused by DIY encryption routines in the past few decades. This is also the introduction of [francis stokes] ‘article on using his own password system. Even if you understand the mathematical knowledge behind encryption systems such as AES (symmetric encryption), the assumptions made by your code, side channels and many other types of attacks may make your efforts in vain.
So why write an article that clearly tells you what not to do? This is contained in the often forgotten “don’t use your own encryption” addendum, which is “for anything important”. [francis] the tutorial on how to implement AES introduces software developers to symmetric key encryption, provides incredible information, and shows some obvious weaknesses that AES library users may not know.
This explains why any developer who uses encryption technology in some way should fully use their own encryption technology: deeply understand the black box of the library, and better understand how the mathematical principle behind AES is transformed into a real system. In addition, if your goal is to become a security researcher whose daily work is to find defects in these systems, then this may be very enlightening.
Basically: you must try it at home, just keep your DIY password away from the production server:)