is AES key random?

Question

AES key may be generate by this code

KeyGenerator kgen = KeyGenerator.getInstance(\"AES\");
kgen.init(128); 

but

If I have a \"very re

Answer 1

To add to the other answers ... I believe that the reason that the basic Random functions aren't secure are two reasons:

1. Slight statistical biases that are acceptable for non-security related situations, but narrow the distributions unacceptably for security applications.
2. They are seeded by the system DATETIME. Even knowing WHEN you generated your key - to a poor accuracy of +/- 6 months - would significantly reduce the brute force search space.