...
The above compliant solutions use 128-bit AES keys. Longer keys (192-bit and 256-bit) may be available if the "Unlimited Strength Jurisdiction Policy" files are installed and available to the Java runtime environment. A brute-force attack against 128-bit AES keys would take billions of years with current computational resources, so absent a cryptographic weakness in AES, 128-bit keys are likely suitable for secure encryption.
Applicability
Use of mathematically and computationally insecure cryptographic algorithms can result in the disclosure of sensitive information.
...