Answer from Yubico Support:
The first case is the U2F flow, where there are no such things as discoverable credentials - that is, FIDO credentials with information identifying aspects about the credential, such as site URL or username. Since the U2F flow does not have the associated metadata, hashing works fine - the key itself is secure and cannot be recreated without both the master key on the device and the relying party key handle.
The second references discoverable credentials used in WebAuthn. As such, the CTAP/U2F spec was expanded to include descriptions on how to handle these keys and associated metadata. The metadata needs to be secured as well as the key, hence the AES encryption - there is arbitrary data which cannot be derived from a hashing algorithm. This encryption is likewise secure, as the master key used for encryption never leaves the YubiKey either.
Since the private key is generated on the device, we do need to leverage our RNG for entropy. Should any risks or weaknesses in the RNG or any function of the YubiKey be discovered, we will make sure our customers are informed and protected. We take any such vulnerabilities exceedingly seriously - please see https://www.yubico.com/support/issue-rating-system/security-advisories/ for a full list of all security advisories.
In short, both methods are secure and optimized for different uses.
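
The hashing approach described for the U2F case can be modelled as follows. This is an added example, not part of the support answer and not Yubico's firmware code: the HMAC-SHA256 construction, the 64-byte key handle layout and the names `Authenticator`, `register` and `authenticate` are assumptions chosen for illustration. It shows that the device stores nothing per site, and that a key handle is useless without the matching master key and relying party.

```python
import hashlib
import hmac
import secrets


class Authenticator:
    """Toy model of a non-discoverable (U2F-style) credential store."""

    def __init__(self):
        # Device master key: created on the device and never exported.
        self._master = secrets.token_bytes(32)

    def _mac(self, label: bytes, app_param: bytes, nonce: bytes) -> bytes:
        # app_param and nonce are both fixed at 32 bytes, so plain
        # concatenation is unambiguous.
        return hmac.new(self._master, label + app_param + nonce,
                        hashlib.sha256).digest()

    def register(self, app_id: str):
        app_param = hashlib.sha256(app_id.encode()).digest()
        nonce = secrets.token_bytes(32)  # fresh entropy from the RNG
        key_handle = nonce + self._mac(b"tag", app_param, nonce)
        # The seed is returned only so the example can be checked; a real
        # authenticator keeps it internal and exposes just the public key.
        return key_handle, self._mac(b"key", app_param, nonce)

    def authenticate(self, app_id: str, key_handle: bytes):
        if len(key_handle) != 64:
            return None
        app_param = hashlib.sha256(app_id.encode()).digest()
        nonce, tag = key_handle[:32], key_handle[32:]
        # Reject handles minted by another device or for another site.
        if not hmac.compare_digest(tag, self._mac(b"tag", app_param, nonce)):
            return None
        return self._mac(b"key", app_param, nonce)  # same seed, nothing stored
```

A username or site URL cannot be recovered from such a derivation because the output is only a pseudorandom seed, which is why the answer describes encrypting that metadata for discoverable credentials.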