I really wish people wouldn't base their claims on security contests like this: "nobody has claimed the reward so it must be secure" is fundamentally a really bad argument, and - as Moxie's article on the Telegram crypto contest [1] demonstrates - it's easy to design constraints that look reasonable but in fact make the contest unwinnable, regardless of the scheme's security.

[1]: http://thoughtcrime.org/blog/telegram-crypto-challenge/