One issue is that if you're going to initialize the cards in place (the plan is to have an ERASE button on the board for both initializing two unpaired cards and to quickly re-key a pair to destroy the data if desired). The plan of record was to save a 16 byte PRNG seed key in EEPROM (a different one for each device). You could replace this seed key anytime you wish if you had an AVR programmer handy.

I'm looking into the possibility, however, of gathering entropy for an entropy pool from a hardware RNG. I'm going to attempt to create one with a 20V boost converter, an avalanche configuration of a pair of MMBT3904 transistors and a self-biased inverter. The event loop will read this source periodically and keep a pool of the most recent 32 (or so) bytes. When it's time to reinitialize a volume, this entropy pool will be fed through the AES ECB to whiten it, then that result will be used as a key, with the values 0, 1, 2, etc (as 16 byte values) being fed through ECB one after another to get 16 bytes of random data at a time. At the end, two last blocks of PRNG output will be copied into the entropy pool just in case the button is pushed again in quickly, but the entropy gathering will hopefully push that out before it's needed again.