So a million cores still takes years. What would you consider infeasible, may I ask?
Also, you're wrong about bruteforcing the domain implying you can decrypt if not for ssl. If you bruteforce (for millions or billions), you won't get the same key. You'll get a key that shares the first 80 bits of its hash with the other key used. So you can use it to mitm or impersonate the site, but you can't use it passively to decrypt connections to the onion.