PRNG in GMP

Torbjörn Granlund tg at gmplib.org
Mon Apr 15 11:55:13 UTC 2019


For a long time, I have intended to implement AES-based PRNGs in GMP.  The
idea being that if AES is a good encryption algorithm, the sequence
AES_encrypt(cnt,key) for cnt=0,1,... will be simply great.  :-)

Now we have the NIST standard SP 800-108a.  It messes around with key
replacements after some generated numbers, and does other contortions.

What do people here think, do we need SP 800-108a or is my simple
AES_encrypt(cnt,key) good enough for GMP?

-- 
Torbjörn
Please encrypt, key id 0xC8601622

