
Topic: How does someone with a single wallet with 30k coins not feel vulnerable? (Read 2843 times)

hero member
Activity: 784
Merit: 500
Think about it. 30,000 coins. A public key that everyone knows about now. And perhaps 10,000 computers guessing at the private key? I'd feel vulnerable.

that is all
10,000 computers and still billions (or if not, then millions) of years away before they may hit a key.

This.

legendary
Activity: 1302
Merit: 1004
Core dev leaves me neg feedback #abuse #political
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?

Quantum computers are decades away from making any impact.  Bitcoin could be upgraded
to post-quantum cryptography in the future if necessary.



Are there any articles or anything about the topic? It sounds interesting. I don't really know what the theories are regarding how they could potentially break SHA256. It sounds interesting though.

And also are there already people theorizing on a post-quantum cryptography?

wikipedia is your friend (sometimes)
http://en.wikipedia.org/wiki/Quantum_computer


Yeah, but I was more looking for some articles written about it with regards to bitcoin. But thank you.

according to Wikipedia, the largest number factored by a quantum computer was "143".
that's not a very big number.  so we are pretty far.  that's why no one is really
too concerned right now or writing many bitcoin articles about it.
legendary
Activity: 826
Merit: 1000
amarha
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?

Quantum computers are decades away from making any impact.  Bitcoin could be upgraded
to post-quantum cryptography in the future if necessary.



Are there any articles or anything about the topic? It sounds interesting. I don't really know what the theories are regarding how they could potentially break SHA256. It sounds interesting though.

And also are there already people theorizing on a post-quantum cryptography?

wikipedia is your friend (sometimes)
http://en.wikipedia.org/wiki/Quantum_computer


Yeah, but I was more looking for some articles written about it with regards to bitcoin. But thank you.
legendary
Activity: 1302
Merit: 1004
Core dev leaves me neg feedback #abuse #political
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?

Quantum computers are decades away from making any impact.  Bitcoin could be upgraded
to post-quantum cryptography in the future if necessary.



Are there any articles or anything about the topic? It sounds interesting. I don't really know what the theories are regarding how they could potentially break SHA256. It sounds interesting though.

And also are there already people theorizing on a post-quantum cryptography?

wikipedia is your friend (sometimes)
http://en.wikipedia.org/wiki/Quantum_computer
full member
Activity: 168
Merit: 100
This thread just gave me a great idea for a movie.  Cool
legendary
Activity: 1246
Merit: 1004
Suppose that a 2-of-3 key storage system is in use.  Label the private key locations as A, B, and C and let p(A), p(B), and p(C) be the respective probabilities that these locations become compromised (within a certain time window related to checking/key-refreshing frequency; compromised meaning either theft or destruction).  Suppose that A is far more secure than B and C, so much so that p(A) > p(B)p(C).  In this case, storing the bitcoins with a single key at A offers greater security.

Well you can encrypt (BIP32) each of the multisig keys.

For example I keep one of my multisig keys in a safety deposit box.  Sure it could be compromised but the probability that the box will be compromised AND the passphrase brute forced is remote.

Yes, a practical enhancement, even under the simplifying assumption that the passphrase is stored at A.  My argument was only that 2-of-3 encryption is not necessarily more secure than vanilla encryption.  One needs assumptions about the relative security (and independence) of the three locations to make this deduction.

It seems unlikely to me that a person would have one location so much more secure than any others that my argument will apply.  A prisoner may qualify, whose mind may be far more secure against searches than anything external to their body.  I imagine that most people with 30k bitcoins will have access to a range of highly secure locations.
legendary
Activity: 826
Merit: 1000
amarha
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?

Quantum computers are decades away from making any impact.  Bitcoin could be upgraded
to post-quantum cryptography in the future if necessary.



Are there any articles or anything about the topic? It sounds interesting. I don't really know what the theories are regarding how they could potentially break SHA256. It sounds interesting though.

And also are there already people theorizing on a post-quantum cryptography?
hero member
Activity: 784
Merit: 1000
https://youtu.be/PZm8TTLR2NU
Think about it. 30,000 coins. A public key that everyone knows about now. And perhaps 10,000 computers guessing at the private key? I'd feel vulnerable.

that is all
10,000 computers and still billions (or if not, then millions) of years away before they may hit a key.
Billions was correct.

donator
Activity: 1218
Merit: 1079
Gerald Davis
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.

Suppose that a 2-of-3 key storage system is in use.  Label the private key locations as A, B, and C and let p(A), p(B), and p(C) be the respective probabilities that these locations become compromised (within a certain time window related to checking/key-refreshing frequency; compromised meaning either theft or destruction).  Suppose that A is far more secure than B and C, so much so that p(A) > p(B)p(C).  In this case, storing the bitcoins with a single key at A offers greater security.

Well you can encrypt (BIP32) each of the multisig keys for added security.  For example I keep one of my multisig keys in a safety deposit box.  Sure it could be compromised but the probability that the box will be compromised AND the passphrase brute forced is remote.  The redundant systems are always a good idea.   Your house may be very secure.  You may even have a $50,000 safe protecting your cold storage private key but disasters do happen.  The loss of the key in a single key system would be catastrophic.  Lost funds are just as gone as stolen funds.

For the OP, if all you are worried about is the loss of a single key you can accomplish secure m-of-n redundancy without using on-blockchain multisig.  Shamir's Secret Sharing is an algorithm which allows you to break a secret (i.e. a private key) into n pieces such that you need m of them to reconstruct the original secret.  The m and n can be decided at the time the shared secret is created and can be adapted to a number of needs.  Another secure but less flexible option is just to XOR multiple "subkeys" together to produce the full key.  It is deceptively simple but due to the nature of XOR even if an attacker has all the subkeys but one the security of the full key hasn't been reduced at all.

The tools for multisig are still a little rough and they were a lot more rough in the past.   Due to the limited support for multisig it is possible that some of those high value "single keys" while being encumbered by a single bitcoin private key are stored anywhere as a single complete key.  I used SSS over multisig but I switched recently to P2SH multisig because the tools had adapted enough that I felt comfortable using it.



legendary
Activity: 1302
Merit: 1004
Core dev leaves me neg feedback #abuse #political
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?

Quantum computers are decades away from making any impact.  Bitcoin could be upgraded
to post-quantum cryptography in the future if necessary.

legendary
Activity: 826
Merit: 1000
amarha
How does quantum computing change the game at all? I know Satoshi was aware of the potential of quantum computing and had mentioned it once or twice. Anyone know much about how it will affect bitcoin?
legendary
Activity: 1302
Merit: 1004
Core dev leaves me neg feedback #abuse #political
If I wanted to steal these 30k, I would not try to brute-force this address. I would simply try simple and efficient techniques like, say, home-jacking, kidnapping or some other "traditional" techniques. These old-fashioned methods work even on cold storages!

The main threat against one's wallet is a matter of pure common sense.
Did you use an online computer to generate your keys? Or even worse, a website?
Where do you store them? Who knows where they are?
Are they stored in a way they cannot be altered by the years?
Even better: does someone KNOW you own these BTC?

Personally, if I ever had to store such a fortune, I would have generated the private/public keys with an offline computer (without network hardware), written it down by hand (or engraved on metal or even stone, whatever...) double-checked, triple-checked, then destroyed the computer used to generate the key and hidden the keys in a safe place. A really safe place. Not my pocket, nor a safe in my house. And I would never, ever talk about it to anyone until I decide to spend it...


This.


But even still, I wouldn't put all the 30k in one wallet. I'd divide it up fairly small, just in case I were to lose a private key or something. That would make for a bad day. 

Separate wallets with separate points of failure linearly increase the chances that some funds will be stolen, but exponentially decrease the chances that ALL funds will be stolen.
legendary
Activity: 1246
Merit: 1004
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.

Suppose that a 2-of-3 key storage system is in use.  Label the private key locations as A, B, and C and let p(A), p(B), and p(C) be the respective probabilities that these locations become compromised (within a certain time window related to checking/key-refreshing frequency; compromised meaning either theft or destruction).  Suppose that A is far more secure than B and C, so much so that p(A) > p(B)p(C).  In this case, storing the bitcoins with a single key at A offers greater security.
legendary
Activity: 4270
Merit: 4534

*facepalm*

You don't have to give the other private keys to other people.

You can have 3 private keys, instead of one.

Need two for any transaction to occur...

Keep one in a bank vault, one in a safe in your house, and encrypt the other one, cut it in half and store one half at a friend's place, and one at a parent's or another friend's.

That is 100000000000x fucking less risky than just having one private key.

tl;dr multi sig is for EVERYONE that understands the concept of 2 factor authentication.

i have my own ways of securing my stash. none of which involve friends or family securing my stuff...
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.

multisig is for corporations, board members and other groups.

i don't trust anyone else with my hoard, so why would i give 2 other people the ability to play with my coins behind my back..

I hope to upgrade my cold-storage to m of n signatures. I would be the one with access to all 3 keys, but they would be stored in 3 different locations.
hero member
Activity: 854
Merit: 500
Nope..
And perhaps 10,000 computers guessing at the private key?

I don't think you can find that many retards in this community....

You'd be very, very surprised.  The trick is, don't go after the guy everybody knows has a bundle.  Go after the guys talking about the guy with the bundle.  I wonder, if I announced my coins were on a certain server at a certain IP address, would I get some unwanted suitors?  I may have to test that out in a honeypot.
sr. member
Activity: 364
Merit: 250
I'd be nervous with that kind of money whether it's bitcoin, dollars, or something else.  If you use some common sense and have proper real life security you should be fine.

Like others said, the ability to crack that key is so far fetched right now.
legendary
Activity: 812
Merit: 1002
How does someone with a single wallet with 30k coins not feel vulnerable?

Why don't you ask satoshi? Or mtgox's "stolen" coins? Those amount to much more than 30k btc.
sr. member
Activity: 644
Merit: 260
Mathematically it is very unlikely that any computer will be able to "guess" the private key of the subject address. There is a much higher chance that the computer housing the private key somehow is compromised and signs a TX with the private key.
legendary
Activity: 1652
Merit: 1029
How does someone with a single wallet (with all their coins in) not have an address that starts with a fucking 3? That's what I want to know.

multisig is for corporations, board members and other groups.

i don't trust anyone else with my hoard, so why would i give 2 other people the ability to play with my coins behind my back..

as for the vulnerability.. i'd feel more vulnerable holding a debit card with $18mill and a driving licence in my back pocket.. it's easy to forge a driving licence if you have a real one to copy the details and just put the thief's face into the picture area.. then just stroll into a bank...

i feel more secure holding a bitcoin privkey
 

*facepalm*

You don't have to give the other private keys to other people.

You can have 3 private keys, instead of one.

Need two for any transaction to occur...

Keep one in a bank vault, one in a safe in your house, and encrypt the other one, cut it in half and store one half at a friend's place, and one at a parent's or another friend's.

That is 100000000000x fucking less risky than just having one private key.

tl;dr multi sig is for EVERYONE that understands the concept of 2 factor authentication.