[zaroth]

Primitives vs Protocols.

Encryption primitives rarely fail. The protocols build on top of them seem to consistently fail.

[hackdown]

The principle, the theory is always good. The protocols are implementations, and often implementations are badly done. See with all versions of SSL/TLS prior to TLS 1.3

[benchaney]

There is no inherent reason that this is true, other than the fact that in order for primitives to be widely use they go through a open vetting process.