If I may answer with my stack overflow hat on...
Here's how I'd draw a random number in way that no participant can influence the result of.
Invite each player to pick a random number, x, and publish the hash(x). Once each hash has been published, each player should then reveal their x. With those x's, add them all together and hash the result. Use that final hash as the random value.
UPDATE: To work around the attack described in the comment below, use two rounds.
- Each player selects a randon number, x, and reveals hash(x).
- When all hashes have been revealed, each player reveals x.
- All x's are combined and hashed. y=hash(all x)
- Each player selects a new random number, z, and reveals hash(y+z).
- When all of the second round of hashes have been revealed, each player reveals z.
- All z's are combined and hashed. The result is used as the random value.
If the player has a prepared hash collision, they could only use it to select their prefered y value. This doesn't help because they would now need a way to find a collision where both inputs have the same prefix (y) which won't be known in advance. If you can do that in a timely manner, we all need a new hash function.
(I welcome comments. Its possible I've missed something else.)