I'm no expert but I'm assuming that on OSX it's derived from the user account password. I'm more than open to the possibility of that being incorrect.
On iOS there is no user account password, only a PIN. Passwords and PINs are both optional, but are they used in generating the Keychain key? If not, is the key just stored somewhere on the device?
Apologies if I've completely misunderstood how this might work.
See these slides for an introduction on data protection on iPhones (presumably, iPads are similar). At the core of the system, there is a device-specific key called the UID-key; it is stored in the CPU itself and each CPU has its own. From that key are derived other keys, including the one used for KeyChain; the user's passcode is also used in the key derivation. The CPU is assumed to be tamper-resistant, which means that you should not be able to extract the UID-key from it. If you access the hardware directly, you can make the CPU use the UID-key, but any brute force attack on the passcode will need to go through the actual CPU.
To sum up, breaking through an iPhone's KeyChain is feasible, but at the cost of an exhaustive search on the PIN code which must use the actual iPhone CPU (so it is not offline). Of course, we are most interested in KeyChain's resistance precisely if the iPhone was stolen, in which case the attacker has access to the hardware.
