The introduction of elliptic curve for cryptography (ECC) dated from 1985 (Victor Miller IBM and Neil Koblitz University of Washington). It is an alternative for implementing public-key cryptography. Unlike other popular algorithms such as RSA that are based on factoring, ECC is based on discrete logarithms.
The aim of this paper is first to show the interest of implementing ECC instead of ?classical? cryptographic algorithms like RSA, and second to help in choosing elliptic curves, as there are many types of it in the field. Main argument is the key size: security level corresponding to AES-128 would require RSA-3072 and EC-DSA-256. Furthermore, NSA has recently published Suite B algorithms recommending only elliptic curves-based algorithms, and excluding RSA.
This white paper describes the different types of elliptic curves that can be used in cryptography, the main standards or product specifications where you can find it.