A public "bitcoin address" and a "public key" are not the same thing. When you receive bitcoins at an address for the first time, that address is protected by ECDSA, SHA-256, and RIPEMD-160. The address is public, but the public key is not yet public at that time. If, in the future, a weakness is discovered in any one or two of those cryptographic algorithms, your balance will still be protected by the remaining algorithm, giving you time to move to a new algorithm before anyone can take your bitcoins.
The first time you send any bitcoins that have been received at that address, you broadcast the public key. At that point, the private key is no longer protected by SHA-256 or RIPEMD-160. It is ONLY protected by ECDSA. Right now ECDSA is secure enough in most cases, so this isn't a concern, but for long term storage you'll want to consider the possibility that a weakness is discovered in ECDSA and you don't hear about it before an attacker does. If you've never sent any bitcoins that were received at the address it won't matter, since you are still protected by SHA-256 and RIPEMD-160. If you have sent those bitcoins and continued to re-use the address, then you've lost that additional protection.
If this doesn't concern or worry you, then you can go ahead and re-use your brain wallets. I just assumed that you were very concerned about security.
Okay, I had no idea that the public key served as a protection mechanism. The way it's presented to the laymen, it sounds like you can share your public address, and there will be no security breach if you keep the private key to yourself. Thank you for this bit of knowledge, but I doubt the majority of bitcoin users know about this nuance. Frankly speaking, how are they intending to build a secure digital network currency if the encryption method is due for a breach within its lifetime?
So my question then is, couldn't you use an offline wallet and use something like Armory to conduct offline transactions using proprietary keys? Wouldn't this prevent both your public and private keys of your offline saving wallets from ever being exposed?
Another idea: couldn't I just open up a separate offline wallet on my offline PC to send small funds to so that those bitcoins can be used freely? This also preserves the secure state of my offline savings wallet, correct?
I suspect that paper will out-live you and your memory. Brain-wallets are typically one of the weaker traits of bitcoin. Most people don't choose a passphrase with enough entropy, and human beings are VERY bad at doing anything in a random way. We just aren't designed that way.
I am not a big fan of paper, they are basically like paper money to me. In my eyes, it's tantamount to keeping cash in my mattress, or a safe which will be targeted by hoodlums, or keeping it at a bank deposit, which I thought was the direction we were trying to steer away from with this new paradigm shift. Or it could just get lost or destroyed by fire.
I am a big fan of memory, that is the securest method in my opinion. As I'll explain later, I think my brainwallet passphrase is going to be amazing, so I can easily memorize it, while it would be nonsense to others. From there, I can share the brainwallet with my trusted family members in case anything happens to me.
I'm not sure what that means, but the brainwallet concept is a rather weak concept for the vast majority of users.
I agree, vast majority, but my circumstances put me in the category of those who will benefit most from a brainwallet, while significantly mitigating its risks. What I meant originally was that if my passphrase does get hacked, no one will ever be able to support a brainwallet ever again once I've shared my compromised passphrase on the internets.
The public address is fine. It's when you send a transaction and broadcast the public key that you've made the address weaker.
As mentioned earlier, I could use offline transactions, or set up another wallet as a middle man.
The bitcoin address? Yes.
The public key? Only when you send a transaction, and after that it's best not to re-use the address if you are concerned about security.
Duly noted, I'll make sure to let other people know about this.
Yes, as recommended by Satoshi and other knowledgeable people. Always use a private key that is generated from a cryptographically strong source of randomness, and never re-use a receiving address.
I've heard bad things about random generators. One technique I've seen is someone typing a bunch of BS letters over 1000 characters long into a brainwallet to generate keys. That seems pretty secure.
Since I don't know which "cumbersome and user-unfriendly tutorials" you are talking about, I am unable to answer this question reliably.
http://georgeoughttohelp.tumblr.com/post/46937654072/transferring-bitcoins-to-a-secure-offline-wallet-using
So what I learned after all of this is to never let my offline savings wallet's public address ever hit the network. A pain in the ass, but good to know.
I guess my only other question is: should I just memorize the friggin' private key?
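
The address re-use point discussed in this thread, as an added example that is not part of any poster's message: a small wallet-hygiene audit that replays a transaction history and reports which of your addresses have already revealed their public key by spending, and which of those still hold funds. The ledger, the address labels and the function name `audit_addresses` are constructed for illustration, and it assumes every address is a hash of a public key whose key is revealed on first spend, as described above.

```python
from collections import defaultdict

# Constructed sample ledger, oldest first (not real transactions).
# inputs:  (txid, output_index) of the coins being spent
# outputs: (address_label, amount_in_satoshi)
SAMPLE_TXS = [
    {"txid": "t1", "inputs": [("ext", 0)],
     "outputs": [("cold", 500_000_000), ("daily", 100_000_000)]},
    # Spends from "daily" and sends the change back to the same address.
    {"txid": "t2", "inputs": [("t1", 1)],
     "outputs": [("shop", 40_000_000), ("daily", 60_000_000)]},
    # A later deposit to the already-spent-from "daily" address.
    {"txid": "t3", "inputs": [("ext", 1)],
     "outputs": [("daily", 200_000_000)]},
    # "cold" is emptied in one spend to a fresh address.
    {"txid": "t4", "inputs": [("t1", 0)],
     "outputs": [("cold2", 500_000_000)]},
]

def audit_addresses(txs, mine):
    """Report, per address in `mine`, whether its public key has been
    broadcast (it appeared as a spender) and how much it still holds."""
    utxos = {}        # (txid, index) -> (address, amount)
    exposed = set()   # addresses that have signed at least one spend
    for tx in txs:
        for ref in tx["inputs"]:
            spent = utxos.pop(ref, None)   # None: coin from outside the ledger
            if spent is not None:
                exposed.add(spent[0])      # spending reveals the public key
        for index, (addr, amount) in enumerate(tx["outputs"]):
            utxos[(tx["txid"], index)] = (addr, amount)

    unspent = defaultdict(int)
    for addr, amount in utxos.values():
        unspent[addr] += amount

    report = {}
    for addr in mine:
        report[addr] = {
            "pubkey_exposed": addr in exposed,
            "unspent": unspent[addr],
            # Funds sitting behind an already-published key rely on ECDSA alone.
            "ecdsa_only": addr in exposed and unspent[addr] > 0,
        }
    return report

if __name__ == "__main__":
    for addr, row in audit_addresses(SAMPLE_TXS, ["cold", "daily", "cold2"]).items():
        print(addr, row)
```

Only `daily` is flagged: `cold` has exposed its key but holds nothing, and `cold2` holds funds behind a key that has never been broadcast.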