
From what I understand, an elliptic curve contains a set of points satisfying the equation

$y^2=x^3 + ax + b$

together with the point at infinity.

It seems clear how multiplication with a scalar and a point works, and how point addition works. Discussions about cryptographic applications usually jump right to curves defined over finite fields at this point. I think I understand how that works as well.

What doesn't make sense is whether a curve defined over the field of real numbers could also work as a trapdoor.

If I know that point Q results from multiplication of some integer with the generator point on a curve over real numbers

$Q = dG$

what feasible methods exist to compute d given only a, b, Q, and G?

In other words, aside from convenience in implementation, what exactly does the finite field add to elliptic curves as trapdoors?

I've seen this discussion, but it doesn't seem to directly address the question here.

Rich Apodaca

1 Answer


First, as poncho correctly noted in a comment, real-based values don't work well with computers, because they require an infinite series / sequence representation and handling infinite amounts of data with a finite amount of storage usually doesn't end well, especially if you don't want to give away structure like in this case.

Second, picking keys is hard if you consider infinite ranges (even if there's an infinite amount of numbers between any two numbers), because you can't sample from an infinite set uniformly at random (then every element would have probability 0 of being picked).

Third, real numbers often allow for more structure than we'd like. Take for example the logarithm. Computing $\log_3 b$ is easy in $\mathbb R$ (we know efficient algorithms that will yield a solid approximation) whereas finding this over $\mathbb Z_p$ tends to be hard. The fear is that a similar property can be found for the elliptic curve discrete logarithm problem. Also, most problems over $\mathbb R$ are a matter of finding a good enough approximation where you can use intermediate approximations and have helpful navigatory metrics and the like, whereas with crypto you want "hit-or-miss" and no guidance in the right direction.

SEJPM
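The contrast in the answer's third point, as an added example that is not part of the original answer: bisection recovers $\log_3 35$ over $\mathbb R$ because every probe says which way to move, while the same strategy on $3^x \bmod p$ lands on a wrong exponent and only exact-match search succeeds. The function names and the toy parameters ($p = 101$, $d = 57$) are constructed for illustration.

```python
import math

P, G, D = 101, 3, 57          # constructed toy parameters; 3 generates Z_101^*
H = pow(G, D, P)              # public value 3^57 mod 101 = 35

def real_log_bisect(base, target, lo=0.0, hi=64.0, tol=1e-12):
    """Solve base**x = target over the reals.

    x -> base**x is monotonic, so each probe says "too low" or
    "too high" and the interval halves: this is the guidance.
    """
    steps = 0
    while hi - lo > tol:
        mid = (lo + hi) / 2
        if base ** mid < target:
            lo = mid
        else:
            hi = mid
        steps += 1
    return (lo + hi) / 2, steps

def modular_log_bisect(g, h, p):
    """Same strategy on g**x mod p; residue order says nothing about x."""
    lo, hi, steps = 0, p - 2, 0
    while lo < hi:
        mid = (lo + hi) // 2
        if pow(g, mid, p) < h:
            lo = mid + 1
        else:
            hi = mid
        steps += 1
    return lo, steps

def modular_log_exhaustive(g, h, p):
    """Hit-or-miss: a candidate exponent is either exactly right or useless."""
    value = 1
    for x in range(p - 1):
        if value == h:
            return x, x + 1
        value = value * g % p
    return None, p - 1

if __name__ == "__main__":
    x, n = real_log_bisect(3, 35.0)
    print(f"reals:  log_3(35) ~ {x:.9f} in {n} probes (math.log: {math.log(35, 3):.9f})")
    guess, n = modular_log_bisect(G, H, P)
    print(f"mod {P}: bisection guessed {guess} in {n} probes, correct: {pow(G, guess, P) == H}")
    d, n = modular_log_exhaustive(G, H, P)
    print(f"mod {P}: exhaustive search found d = {d} after {n} probes")
```

The number of probes the real-number bisection needs depends only on the requested precision, whereas the exhaustive loop's cost grows with the size of the group.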