It's usually recommended that you ‘don’t use your own system of crypto’ but rather use standard SSL/TLS! I understand that SSL/TLS is a complete protocol suite that addresses all three elements of the CIA triad. What if I need only a subset of CIA, say I just need Authentication and Data Integrity? In such cases, isn’t using full SSL/TLS overkill?
What’s the issue/risk if I make and use a customized crypto suite which addresses my specific requirements? For instance, in this case, where I just need Authentication and Integrity, I use only digital signing of data with a digital certificate, and skip the encryption part of data (confidentiality is not a concern).