Is there a method to break an ECC curve for all key-pairs (Q,d) such that (Q=d*G) faster than breaking every single key-pair? Is there any memory trade-off that helps such attack?
All known serious algorithms for computing what have become known as "discrete logarithms" on elliptic curve over fields of prime order have a very extensive precomputation step, which, when completed allows arbitrary solutions to be computed quickly.
30 years is a pretty long time frame, and bitcoin's ECC is only 128-bit security which crypto experts predict is only good until 2020 or so.
Please provide a citation for this "fact". There is an attempt underway to calculate discrete logs on a 130-bit elliptic curve over a prime order field. Without some massive algorithmic improvements we're not going to have any chance of attacking 256-bit curves in eight years. I seem to recall that there is some speculation that humankind will never be able to count up to 2^128 let alone perform an attack with such a work factor.
ByteCoin