[fc417fc802]

I thought we were speaking more generally. In the specific case of assigning experimental subjects to groups at the time the experiment is performed you'd want a "no tricks up my sleeve" number for the key such as a hash of the date string in ISO standard format (ie yyyy-mm-dd). Your RNG is then AES_ECB( key=sha3(date_string), plaintext=serial_number ) using the serial number of the participant.

If you need to use a rejection method to achieve a uniform distribution you can do so via plaintext=( ( serial_number << 32 ) | sample_counter ).

By adhering to such a scheme it becomes extremely difficult for anyone to reasonably accuse you of underhanded tricks via RNG manipulation.