Secure key for android database

Question

Is there any algorithm to generate an encrypted key in android to secure a database?

I tried this PBE algorithm:

PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), salt, 
    NUM_OF_ITERATIONS, KEY_SIZE);
SecretKeyFactory factoryKey = SecretKeyFactory.getInstance(PBE_ALGORITHM);
SecretKey tempKey = factoryKey.generateSecret(pbeKeySpec);
SecretKey secretKey = new SecretKeySpec(tempKey.getEncoded(), "AES");

But it generates the same key every time. Any other good algorithms for generating a secure key?

Answer 1

To generate a random secret key, use the KeyGenerator class, with code something like this:

KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(KEY_SIZE);
SecretKey skey = kgen.generateKey();

Note that you will obviously have to store this key securely somewhere if you wish to decrypt your database later, hence it may be worthwhile to pursue the PBE-based solution proposed in your question.