Often the encryption algorithms introduced in textbooks are labeled as "textbook encryption algorithms" because they can be found in most textbooks that discuss cryptography. Many security experts have the opinion that these textbook algorithms should never be used in an actual system. What is the motivation for such an opinion, and is it well founded?