Unknown object in stream? What version of Android is that, never seen that particular error? Well, regardless, when you say "save my keys," what do you mean exactly? Are you trying to import other people's public keys, or are you trying to import your own private key?There's recently been a big to-do about a bug in the standard Java encryption library. Note that Android is built on Java; the vast majority of apps are written in Java, and it's likely that Java developers would naturally use the standard Java libraries. They're calling it an Android bug but it's really a Java bug and for all I know apg uses its own algorithm, but I wouldn't generate any keys in Android unless you really know what you're doing.Also, I think you may be confusing "don't use phones for encryption" with what people should be saying, which is "don't ever trust a cell phone with your secrets." The entire device is insecure -- you aren't even the "owner" of the phone when you buy the thing (as in you don't have superuser permissions).