Apple - Does macOS still use Yarrow as it's cryptographically secure pseudorandom number generator?

Yarrow is gone.

The kernel CPRNG is a Fortuna-derived design targeting a 256-bit security level.

https://support.apple.com/en-ie/guide/security/seca0c73a75b/1/web/1

Ok! So I mailed Craig Federighi recently about this, concerned that macOS wasn’t capable of generating >128bit quality keys.

He responded!

‘The source you were referencing is out of date. You can find more current informations here: FIPS certification document, section 7: "The NDRNG feeds entropy from the pool into the DRBG on demand. The NDRNG provides 256-bits of entropy.”’

What a legend.

enter image description here

So yup, macOS and iOS are both capable of generating 256 bit entropy and creating quality CS keys for both ECC and Symmetric Key crypto.

EDIT: Apple confirmed the kernel CPRNG is a Fortuna-derived design targeting a 256-bit security level.

Tags:

Macos

Kernel

Related

Apple - How can I toggle Automatic Graphics Switching using terminal? Apple - How Do I Permanently Disable Hot Corners on Mac? Apple - How to enable search when using Emoji keyboard on iPhone? Apple - Why are Payments from Apple to New Zealand and Australian bank accounts wire transfers? Apple - What are the practical differences between Bash and Zsh? Apple - When updating to macOS Catalina will the default Python installation get removed from my system? Apple - How can I find out which Automator folder actions are attached to a folder? Apple - Dual Boot Created a New Volume Apple - Dual boot macOS Catalina 10.15 beta and macOS Mojave 10.14 Apple - What can I, as a user, do about offensive reviews in App Store? Apple - Why does VirtualBox crash macOS? Apple - Prevent Mac to sleep when lid closed on Mojave / Catalina

Recent Posts