As mentioned by Google, don’t use SecureRandom on it’s own to create random key as the default implementation changed in Android 4.2 preventing it being used to deterministically generate keys.
Instead use AES. An example from the Google Android blog:
public static SecretKey generateKey() throws NoSuchAlgorithmException {
// Generate a 256-bit key
final int outputKeyLength = 256;
SecureRandom secureRandom = new SecureRandom();
// Do *not* seed secureRandom! Automatically seeded from system entropy.
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(outputKeyLength, secureRandom);
SecretKey key = keyGenerator.generateKey();
return key;
}
Remember, encrypting and then storing the key on the device isn’t secure. Instead, obtain the key from somewhere else or derive the key, each time, from a user-provided password.