Yeah, I'd be curious to see what people who are still working in the field have to say. My red flags went up as soon as I read "statistical" in the abstract, since that could easily imply the common problem of assuming the existence of a secure PRNG. However, I haven't read the entire paper in depth (and likely won't have time to anytime soon), so I don't really know if that common trap was fallen into.
I wonder, since you said your problem was that it "could easily imply the common problem of assuming the existence of a secure PRNG". Statistical mechanics involves real, true randomness, and the statistical comes in e.g. where you use statistical models of things at the micro scale to explain macro scale behavior. I don't get the impression that it involves statistics in the way you are using the word.
