...one of James Randi's "million dollar paranormal challenges" is protected by a surprisingly weak (dictionary-based) commitment scheme that is easily reversed and that suffers from collisions. For details, see my blog entry about it: "Matt Blaze: James Randi owes me a million dollars"
Matt made a great observation in his message about this that goes along with my recent post about Crypto Maxims. I can say that many of the crypto APIs I have seen are either too complicated to get right unless you are an expert, or they allow such easy access to crypto primitives that programmers are often compelled to make mistakes by oversimplifying a complex solution and not knowing what they are missing. Getting more of this information out of academic papers and into the hands of practitioners and API/framework designers would be a big win for the security field.
It occurs to me that the lack of secure, practical crypto primitives and protocols that are intuitively clear to ordinary people may be why cryptography has had so little impact on an even more important problem than psychic debunking, namely electronic voting. I think "intuitive cryptography" is a very important open problem for our field.
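To make the two failures Matt names concrete (a commitment that can be reversed by a dictionary search, and one that admits collisions), here is a constructed Python illustration. It is added here and is not code from the original post, from Matt Blaze, or from Randi's challenge; the toy schemes, the word list and the function names are my own assumptions, not a description of the actual scheme. It also shows the API point above: publishing a bare hash of a low-entropy message looks like a commitment but is not hiding, while a properly randomized hash commitment, with a fresh full-length nonce and the full digest, is the construction that should be handed to a programmer instead.

```python
"""Toy commitment schemes: two that fail and one that holds.

Constructed example. None of this is Randi's actual scheme; the failure
modes are the generic ones (not hiding, not binding).
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

# Constructed stand-in for a real word list. A real dictionary attack would
# use hundreds of thousands of words; the search is just as cheap.
DICTIONARY: List[str] = [
    "apple", "banana", "cherry", "dragonfruit", "elderberry", "fig", "grape",
    "honeydew", "kiwi", "lemon", "mango", "nectarine", "orange", "papaya",
    "quince", "raspberry", "strawberry", "tangerine", "ugli", "vanilla",
    "watermelon", "xigua", "yam", "zucchini", "apricot", "blueberry",
    "cantaloupe", "date", "grapefruit", "lime",
]


def weak_commit(word: str) -> str:
    """Commit to a dictionary word by publishing its bare SHA-256.
    The digest looks opaque, but the message space is the dictionary, so
    the scheme is not hiding: anyone can reverse it by hashing every word."""
    return hashlib.sha256(word.encode("utf-8")).hexdigest()


def reverse_weak_commit(commitment: str, dictionary: List[str]) -> Optional[str]:
    """Dictionary attack against weak_commit: one hash per candidate word."""
    for word in dictionary:
        if hmac.compare_digest(weak_commit(word), commitment):
            return word
    return None


def lossy_commit(word: str, bits: int) -> int:
    """Commit by publishing only the top `bits` bits of the hash (a constructed
    scheme that throws information away). There are only 2**bits possible
    commitments, so with more words than that, distinct words must collide
    and the scheme is not binding: the committer can later 'reveal' any word
    in the colliding set."""
    digest = hashlib.sha256(word.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def find_collisions(dictionary: List[str], bits: int) -> Dict[int, List[str]]:
    """Group words by lossy commitment. Every bucket holding two or more words
    is a set of openings the committer can choose between after the fact."""
    buckets: Dict[int, List[str]] = {}
    for word in dictionary:
        buckets.setdefault(lossy_commit(word, bits), []).append(word)
    return {c: ws for c, ws in buckets.items() if len(ws) > 1}


NONCE_LEN = 32  # fixed length, so nonce || message parses unambiguously


def commit(message: str) -> Tuple[str, bytes]:
    """Randomized hash commitment: c = SHA-256(nonce || message).
    The 256-bit nonce defeats dictionary search even when the message is one
    of a handful of words (hiding). Publishing the full digest means a second
    valid opening would require a SHA-256 collision (binding).
    Returns (commitment, nonce); the nonce is kept secret until reveal."""
    nonce = secrets.token_bytes(NONCE_LEN)
    c = hashlib.sha256(nonce + message.encode("utf-8")).hexdigest()
    return c, nonce


def open_commitment(commitment: str, nonce: bytes, message: str) -> bool:
    """Verifier's check at reveal time: recompute and compare in constant time."""
    if len(nonce) != NONCE_LEN:
        return False
    expected = hashlib.sha256(nonce + message.encode("utf-8")).hexdigest()
    return hmac.compare_digest(expected, commitment)


if __name__ == "__main__":
    print("weak commitment reversed to:",
          reverse_weak_commit(weak_commit("cherry"), DICTIONARY))
    # 30 words into 16 possible 4-bit commitments: collisions are guaranteed.
    print("lossy 4-bit commitment collisions:", find_collisions(DICTIONARY, 4))
    c, nonce = commit("cherry")
    print("dictionary attack on randomized commitment:",
          reverse_weak_commit(c, DICTIONARY))
    print("opens to 'cherry':", open_commitment(c, nonce, "cherry"),
          "| opens to 'grape':", open_commitment(c, nonce, "grape"))
```

The 4-bit truncation is deliberately extreme so that the pigeonhole principle guarantees a collision in a 30-word list; with a realistic word list the same effect appears for any scheme whose output space is smaller than the dictionary. The randomized scheme is the one to expose in an API: the caller supplies a message and gets back an opaque commitment plus an opening, with no opportunity to leave out the nonce.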