How to save secret key securely in android

Question

I just read this article http://android-developers.blogspot.in/2013/02/using-cryptography-to-store-credentials.html where I learnt to generate security key.

I want to kn

Answer 1

If you are generating and using the key in the application, it may be interesting to use the new (API 18+) Android Keystore Provider. The key is stored by a special secure service, which may use secure hardware if available.

It does not store an existing key (created elsewhere), but allow you to create and use keys without having access to the secret key itself. The idea is that the secret key never leaves the secure service, so that nobody can extract it, even your application (or root, if a secure hardware is used).

It also allows you to put restriction on how the key is used (e.g. for a fixed duration after the user authentication)