We can either:
1) Use precomputed P/G values from RFCs. This is better than the current implementation but it opens up a door to potential precomputation attacks in theory.
2) Update the code to use safe prime generator
3) Drop the ElGamal key generation completely
4) Use Diffie-Hellman implementation in the OS to generate keys
Note that using DSA key generator is unsafe because it doesn't guarantee safe primes. While I am not aware on any attacks on keys generated like that it's still not a solid option.
We can either: 1) Use precomputed P/G values from RFCs. This is better than the current implementation but it opens up a door to potential precomputation attacks in theory. 2) Update the code to use safe prime generator 3) Drop the ElGamal key generation completely 4) Use Diffie-Hellman implementation in the OS to generate keys
Note that using DSA key generator is unsafe because it doesn't guarantee safe primes. While I am not aware on any attacks on keys generated like that it's still not a solid option.