It doesn't matter how secure the nonce is. All that matters is that an attacker can't predict what it'll be on each page render (just like a CSRF token), which means they can't craft an input that'll render as JavaScript --- and, in particular, they can't ever expect to store such an input and have it render as JS.
I'm not endorsing "script tokens" either --- I think it's a bad idea to change all browsers for a half-measure --- but I think you can execute your core idea far more simply than with crypto.
How do you securely tell the browser what the nonce is to check?
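An added example, not code from either commenter, illustrating the point in the first comment and the question in the last one: the server mints a fresh nonce on every render and tells the browser about it in the Content-Security-Policy response header, and a small model of the browser's check shows that stored input carrying a nonce captured from an earlier render does not execute. Function names, the HTML layout and the unescaped insertion of stored content (deliberate, to model the injection the comment describes) are assumptions for illustration.

```python
import re
import secrets


def make_nonce() -> str:
    """Fresh 128-bit random nonce per page render, base64url so it is a valid CSP source."""
    return secrets.token_urlsafe(16)


def render_page(stored_user_content: str):
    """Render one page. The nonce appears in exactly two places: the CSP header,
    which is how the browser learns it, and the server's own <script> tag.
    Stored content is inserted unescaped ON PURPOSE to model an injection flaw;
    real templates must still escape it, the nonce is defense in depth."""
    nonce = make_nonce()
    headers = {"Content-Security-Policy": f"script-src 'nonce-{nonce}'"}
    html = (
        "<html><body>"
        f'<script nonce="{nonce}">console.log("first-party");</script>'
        f"<div>{stored_user_content}</div>"
        "</body></html>"
    )
    return headers, html


def nonce_sources(headers: dict) -> set:
    """Nonces the browser will accept: the 'nonce-...' sources of script-src
    (falling back to default-src, as CSP does when script-src is absent)."""
    csp = headers.get("Content-Security-Policy", "")
    directives = {}
    for part in csp.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0].lower()] = tokens[1:]
    sources = directives.get("script-src", directives.get("default-src", []))
    return {s[len("'nonce-"):-1] for s in sources
            if s.startswith("'nonce-") and s.endswith("'")}


_SCRIPT_TAG = re.compile(r"<script\b([^>]*)>", re.IGNORECASE)
_NONCE_ATTR = re.compile(r"\bnonce\s*=\s*[\"']([^\"']*)[\"']", re.IGNORECASE)


def scripts_that_would_run(headers: dict, html: str) -> list:
    """Model of the browser's check: for each <script> tag in document order,
    True if its nonce attribute matches an accepted nonce, else False."""
    allowed = nonce_sources(headers)
    results = []
    for tag in _SCRIPT_TAG.finditer(html):
        attr = _NONCE_ATTR.search(tag.group(1))
        results.append(attr is not None and attr.group(1) in allowed)
    return results
```

Because the nonce changes on every response, a nonce an attacker observed and stored never matches the header of the render in which their input finally appears.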