It's always been told that ECDSA is more secure "per bit of key size", such that it offers same security with a shorter key, or offers stronger security with the same key length.
However, per my understanding, if the length of the key is fixed, it means that the amount of entropy is also fixed (e.g. 160-bit ECDSA key contains no more entropy than 2^160, and a 192-bit AES key contains no more entropy than 2^192). So why is ECDSA considered "more secure" at the same level of entropy?
ECDSA is an asymmetric digital signature algorithm based on Elliptic Curve Cryptography (ECC), closer in purpose and function to digital signatures using RSA. Both are asymmetric algorithms that are very different than AES, which is a symmetric encryption algorithm.
The comparison you are talking about is most likely comparing ECC key sizes to RSA key sizes. This is where the math differs. ECC’s strength is based on the difficulty of solving the discrete logarithm problem.
RSA's strength is based on the difficulty of factoring the product of two very large prime numbers.
The comparison of the two must take into account the difficulty of the math, not of the simple count of the bits.
AES, being symmetric, is completely different. A brute force attack on AES simply consists of trying every possible key in the 2^128 space.
For more information on key lengths, check out https://www.keylength.com, which has an interesting set of comparisons of key lengths taking into account historic, modern, and predicted futures.
