Regarding: 1, 2 and 3 :
I wasn't referring to matching single transaction/single keys and IP adresses, etc.
I was more referring that, if you want to use bitcoin in a meaningful way, you'll have to interract with the real world.
At some point, a real bitcoin user who isn't just playing with bitcoin for the sake of it, will buy an actual good.
Meaning that the seller will need to send the goods to an actual address.
At the other end of the chain, a would-be future bitcoin customer will need actual BTCs to do transaction. Nowaday it's not practical to mine any significant amount of BTCs using hardware available to the average customer. That means that a future bitcoin customer will need to acquire BTC, usually buying them from money (from an exchange or following a face-to-face meeting, etc.)
So no matter through how many public key the BTCs hops, a motivated enough investigator can always track indentities at both end of the chain:
- initial acquisition
- final spending.
sometime it's going to be the same identity (because it's the same person buying the BTCs and spending them after a few public key hops in-between), sometime it's a different identity (because somewhere along the chain, the BTCs 'changed hands' in a way that wasn't registered and matched to any address: for example 2 random people seeding direct donation to each-others address without an real-world interaction. Might happen several time along a chain).
If a really motivated investigator has enough resources (now we're speaking government-level), it is possible to follow tons of such "money trails". By comparing all of them together, it is possible to build whole nets of interactions, and you can match real identities. Even when 1 single money trails is uncertain (money might have switched hands along the track between known end-point), taking into accounts lots of other such money trails help lift uncertainty.
#4) You can use tumblers and coin exchanges to disconnect a given key from you and a transaction.
That's a good valid way to blur the trail.
In the block chains, what you'll see is thousand of user pouring money into the exchange (user funding their accounts) and thousand of users getting money back (user doing withdrawal from the exchange account). Everything in between happens "behind closed doors". The actual buy/sell actions aren't recorded in the blockchain, they happen in the exchange software's database. In the block chain there's just the exchange who's officially held amount of BTCs corresponds to the amount of BTCs currently being exchange by all users. More or less (see MtGox's heist when those numbers don't match anymore).
So trying to make sense of the complex network of interaction is *hard*, *really hard*. Well beyond the efforts used in simply "lifting uncertainty due to invisible switch of owners". Probably only a few poeple in Russia's FSB and US' NSA might have a slim chance of tracking a suspect. (And the tracking is more likely to rely on backdoors and trojans).