ECC and RSA are not based on the same concept. RSA is based on factorization and if I remember well ECC on modular logarithm. It is considered that factorization is a polynomial time complexity. But modular logarithm is quasi polynomial time complexity. And the difference resides in the quasi. This is why you have the same security with shorter length key.
I tried to generate ECC keys longer than 256 bits, but failed each time, so I doubt that Nitrokey Start is able to manage P384 ECC keys.
Curves are not equivalent, and a lot of controls should be considered. For instance with the Cofactor : to make it simple the number of points you can generate with the curve, and obviously the order of your generator.
If you are curious, study this easy Curve
E : y2 = x3 + 2 with n = 7. so x,y in [0,6]
Regarding the ECDH computation, I need to dig a little bit more.
I tried this command :
OPENSC_DEBUG=9 pkcs15-crypt --decipher --key 2 --input buffToDecode.txt --raw
And got :
P:2528; T:0x139761025049024 21:09:39.994 [pkcs15-crypt] pkcs15-sec.c:221:format_senv: Card does not support EC with field_size 0
P:2528; T:0x139761025049024 21:09:39.995 [pkcs15-crypt] pkcs15-sec.c:222:format_senv: returning with: -1408 (Not supported)
P:2528; T:0x139761025049024 21:09:39.995 [pkcs15-crypt] pkcs15-sec.c:276:sc_pkcs15_decipher: Could not initialize security environment: -1408 (Not supported)
Decrypt failed: Not supported
I have some doubt regarding pkcs15-crypt so I will directly exchange with the Nitrokey Start to check the output of the ECDH computation.