Ahmed Hassan said the following on 03/01/2014 13:47:
There is a huge difference between asymmetric encryption and cryptographically secure pseudo-random number generator. EC is secure, the default random number generator on Linux is /dev/urandom. It does not use the backdoored NSA PRNG.
The algorythm behind /dev/urandom is not robust (http://eprint.iacr.org/2013/338.pdf)
With headless and/or virtual servers the issue is even bigger because Linux could not be able to collect enough entropy to seed /dev/urandom
Some entropy generator daemon such as timer_entropyd (http://www.vanheusden.com/te/), haveged (http://www.issihosts.com/haveged/) or randomsound (http://www.digital-scurf.org/software/randomsound) can be used to generate more entropy
Ciao, luigi