We analyze the security of two number-theoretic pseudo-random generators based on elliptic curves: the elliptic curve linear congruential generator and the elliptic curve power generator. We show that these recursive generators are insecure if sufficiently many bits are output at each iteration (improving notably the prior cryptanalysis of Gutierrez and Ibeas from 2007). We present several theoretical attacks based on Coppersmith's techniques for finding small roots on polynomial equations. Our results confirm that these generators are not appropriate for cryptographic purposes.