I'm planning on buying a relatively large amount of bitcoins soon, and want to make sure that my plan for safekeeping them is as secure as I think it is. I do not yet have a laptop that I'll use for an offline computer, but plan on using this particular purchase strictly for the purposes of a long-term investment, so I don't plan on spending the coins any time soon.
Here's my setup. I'm using Windows 7 64-bit, and I have Armory installed. The wallet I plan on using is offline. After creating the wallet, I transferred the private key to a flash drive so that money cannot be spent from this wallet without me explicitly moving the private key back onto my primary computer, or more likely, buying an offline laptop and moving the private key over there. I will be making a paper backup of this wallet to ensure that I'll have access to my bitcoins in the event that my flash drive crashes and I lose the private key.
Is this setup secure? I want to ensure that I'm secure from both losing the bitcoins to hard drive crashes and keyloggers / trojans.
Update: Oh, I should add that while I haven't yet done this, I plan on encrypting my Armory private keys on my flash drive just as an extra layer of security, on the off chance that there are any trojans out there that look for bitcoin private keys in flash drives. Long term, I'll definitely be investing in a laptop that I'll use as an offline bitcoin storage device, but until I get to that point, I think this ought to be fairly secure.
I'm not 100% sure I understand what you want to say, but it sounds like:
buy computer A
generate new key on old computer B
copy key from B to A
somehow make sure that key is no longer on B
assume key is now safe on A because A was never online, while totally forgetting that the key comes from B, which is constantly online
It's irrelevant if you encrypt the keys on the USB drive. If B is infected, your setup is not safe. If B is safe, why bother buying A in the first place?
If you want to make sure you have a secure private key on a dedicated machine, generate the key on that machine.