Bitcoin Forum

I'm planning on buying a relatively large amount of bitcoins soon, and want to make sure that my plan for safekeeping them is as secure as I think it is.  I do not yet have a laptop that I'll use for an offline computer, but plan on using this particular purchase strictly for the purposes of a long term investment, so I don't plan on spending the coins any time soon.

Here's my setup.  I'm using Windows 7 64 bit, and I have Armory installed.  The wallet I plan on using is offline.  After creating the wallet, I transferred the private key to a flash drive so that money cannot be spent from this wallet without me explicitly moving the private key back on to my primary computer, or more likely, buying an offline laptop and moving the private key over there.  I will be making a paper backup of this wallet to ensure that I'll have access to my bitcoins in the event that my flash drive crashes and I lose the private key.

Is this setup secure?  I want to ensure that I'm secure from both losing the bitcoins to hard drive crashes and keyloggers / trojans.

Update:  Oh, I should add that while I haven't yet done this, I plan on encrypting my Armory private keys on my flash drive just as an extra layer of security, on the off chance that there are any trojans out there that look for bitcoin private keys in flash drives.  Long term, I'll definitely be investing in a laptop that I'll use as an offline bitcoin storage device, but until I get that point, I think this ought to be fairly secure.

Im not 100% sure I understand what you want to say, but it sounds like:

buy computer A
generate new key on old computer B
copy key from B to A
somehow make sure that key is no longer on B
assume key is now safe on A because A was never online, while totally forgetting that the key comes from B, which is constantly online

Its irrelevant if you encrypt the keys on the USB drive. If B is infected your setup is not safe. If B is safe, why bother buying A in the first place?

If you want to make sure you have a secure private key on a dedicated machine, generate the key on that machine.

It sounds like secure. I don't think you will loose your private key if your wallet is locked.

Thats true, but if you generate a private key it is not encrypted yet. The offline setup is usually for people that can not trust their own everyday system (trojan, keylogger, nsa, just beeing paranoid, etc.). But If I cant trust system B I should not generate the key there. That negates the whole point of the setup. You want an offline PC you can trust where you make the new key. After you encrypted that key you can move it around. The extra paranoid even dump the OS that made the key afterwards.

For large amounts of BTC Id use several 2 of 3 split paper wallets. Load each with up to 10 BTC and put them in different secure places (safe, deposit box, burry underground, etc.) I actually like the idea of putting them underground in many different places so when I die there will be big treasure hunt with riddles to solve and all the good three investigators stuff ;)

I like the idea of using split paper wallets. It sounds like secure.  :)
Then tell me some tips where you bury, I am ready for an investigators stuff  ::) . I was looking for a treasure hunt for a long time, I think this time I found one  ;)  :D .
Kindly,
       Muhammed Zakhir

I see several weak 'attack surfaces' with your described setup. Here's what you can do for large amount:

• The backup: consider using fragmented backup and think well and hard where/who to give each fragment so that you'll be able to collect enough fragments to reconstruct the wallet in case of failure of the original wallet/inability to reach certain fragments etc. Don't keep a single sheet of paper to backup your wallet.
• Also regarding backup: laminate the paper or otherwise make sure it'll withstand the test of time.
• Offline setup: go ahead and get a cheap netbook for the offline computer. Do the following with it:
   - Format, install windows
   - disconnect from internet ENTIRELY - disable internet ports either physically (best) or at least via device manager. From this point on, that netbook will never see an internet connection.
   - install Truecrypt 7.1a for entire disk encryption.
   - install armory offline
   - make the fragmented backups

Thanks guys, this definitely gives me something to think about security wise.  One question: since I don't yet have the computer I will eventually be using as an offline computer, would it be secure to just create a new wallet / private key while my computer is disconnected from the internet and then move the private key off the computer before reconnecting it to the internet?

If that offline computer is already infected with a trojan/virus if might copy the key and transmit it to where the hacker wanted when it gets connected, even though you have removed it prior to getting it online, if you're certain that you're computer is clean and you remove the key before going online, than it would be safe, otherwise not.

Good point.  I don't think my computer is infected, but it's better to be safe and set it up the proper way.  I guess it's time to invest in an offline computer.

Exactly, better to be safe than sorry, instead of spending money on another computer you can buy a new SSD or HDD, and remove your original hard drive from your computer, install the new one, do a fresh windows insall, don't go online, make wallets and keys, keep safe them, encrypt them, remove that drive and put in your original one and go online, This option would save you money and your keys and wallet be secure.

these are my tips for holding a secure wallet.

create an encrypted volume... (FREE)
inside the encrypted volume create a virtualbox virtual machine and install linux. (ALSO FREE)
inside the virtual machine you can either create cold storage wallets OR install wallet software.
take the machine offline until and dismount the encrypted volume until you need to use it.. and use it only for transactions.

this is not 100% as secure as buying a completely fresh machine and using it to create keys without ever connecting it to the internet but it is almost as good and very convenient... also there is no guarantee that a fresh machine will not be compromised either. for example the fresh machine may already have malware on it and it is a bit naive to assume that it will never get connected to the internet (unless you keep it safely locked away)

you can also clone the virtual machine and store your coins in multiple locations across multiple machines and still have piece of mind that not only are your coins secure.. but they wont be lost if there is a disaster.

If you want cold storage, you need to generate your private in an off-line computer, and never let the computer connects to the network again.

Anything else is not absolutely safe

Yeah, I am realizing that from reading these responses and rereading Alan's cold storage how to guide.  I'm planning on buying a cheapo laptop for this and disabling the network drivers so it won't ever go online.

Depends on how paranoid you are, you may compare the address generated by the online computer with the one by the offline computer before you make a payment request. A smart virus in your online computer may replace the address generated by Armory.

if you want to be paranoid, then having a laptop that has never been online is still not absolutely safe unless the machine is also physically locked away somewhere safe along with any backups (paper or otherwise, preferably in different locations). Either that or the Machines HDD (and ram if you are super paranoid) gets physically shredded after any paper wallets are created.

otherwise there really is nothing stopping an unwitting person sometime in the future from installing a new OS or removing the HDD and putting it into another computer.
I think if you go too far though the chance of you losing the keys becomes much greater than someone stealing them.

Physical security is a completely different topic. Obviously you can't use cryptography to fight with a gunman

this isn't about cryptography its about keeping your keys and hence your coins secure.

if you want to make it so that absolutely no-one can take your coins, not even a gun man or the government then you need to shred and burn everything and store it only in your mind.

and lets hope you don't get amnesia or dementia if you do that..

You want to try your wallet once or twice before you make the transaction and you want to secure the flash drive and the paper back up in 2 different secured locations

Personally I prefer to store into 3 different wallets that I secured with different methods not to risk everything in case something goes wrong : I am only risking 33% if the security lawyers fail for one wallet

jl2012 is right, physical security is a totally different matter.  I'll definitely be making a paper backup of the wallet as insurance in case the offline laptop's hard drive crashes or something like that, as I mentioned in my OP. 

I would make two plastic paper back-up and secure them in a bank safe (located in an other city or even an other country if you want to be really careful)

That's actually a really good idea.  Although my bank accounts for my fiat money are all online banking.  I think one of them has physical branches that I could use though.

Thanks, I don't like the idea of having a single paper back-up

If you are really serious and you don't want to think about it for a long time you can even have 2 paper wallets in 2 different bank safes in 2 different safe countries; you may want to use a simple code to secure the paper back-up but it can back fire, the code would be given to your wife, children, best friend and lawyer