Apple - Does macOS still use Yarrow as it's cryptographically secure pseudorandom number generator?
Yarrow is gone.
The kernel CPRNG is a Fortuna-derived design targeting a 256-bit security level.
Ok! So I mailed Craig Federighi recently about this, concerned that macOS wasn’t capable of generating >128bit quality keys.
‘The source you were referencing is out of date. You can find more current informations here: FIPS certification document, section 7: "The NDRNG feeds entropy from the pool into the DRBG on demand. The NDRNG provides 256-bits of entropy.”’
What a legend.
So yup, macOS and iOS are both capable of generating 256 bit entropy and creating quality CS keys for both ECC and Symmetric Key crypto.