implementing your own, not tested and non-standard algorithm is never justified. It's the worst thing you can do in the security world. Nobody will take you seriously if they discover something like this in an audit.
I would take your words seriously if you backed them or was a renowned expert in IT. Without these things your opinion is just an opinion of a stranger on the Internet, value of such opinion is approaching zero from minus infinity. No offence
