Very interesting. I think halley raises a good point though. The danger with most cryptographic systems is not the underlying idea but the implementation. Have you run the output through a testing suite? I'm thinking of the Diehard tests.
How much random data does it throw out? Implementations like /dev/random tend to not through out all that much data. Having said that you wouldn't need all that much data for most arduino projects.