Yeah ! Actually, Vitalik Buterin in conferences gives this precise example of crypto-lottery as a good example of what we could create with blockchain :)
This is actually a hard problem. In order to be provable, you have to be deterministic (i.e. you can't leave the RNG as a black box). However you can't let any individual (nor any conspiring individuals, think Sybil attacks) predict the result, nor have any control over the result (except perhaps to disqualify themselves).
This week's random number is the concatenation of three cryptographic signatures of last week's random number. The three private keys are kept in different places on cryptographic tokens and they are guarded. Lottery numbers are drawn by a deterministic algorithm using the week's random number as seed. In the case of a compromise of a single private key it can be revoked and replaced by the signature of the two other keys.
I'm not a cryptographer, maybe this scheme is flawed in some way that I can't immediately see.
Presumably, the winner of the lottery will earn lots of money. As such, someone would be willing to spend lots of money in order to ensure they can win. They could therefore bribe the guards to give up the keys before bets are placed, and therefore know what to bet on.
Satoshi Dice seems to solve the problem between two players. This is a much easier problem than 3 or more player. With 3 or more players, you have to worry about other players colluding with each other to increase their chances unfairly.
