I'm not sure if I get your question correctly. Do you like to use a 256 bit curve to generate a (secret) key of this size and later drop 192 bits? If this is the case your 64 bits will be useless because you secret key will not have any relation with the public. Furthermore, in a magic case that this works, your field operations will continue living in a 256 finite field.
If you like to use a 64 bits EC cryptosystem, first thing you need is to stablish the "setup": a tuple that 'configures' this set up. You may like to check the IEEE P1363 for details, but to have a cryptographically good curve (ignoring the fact that 64 bit is very few). As an example for a finite field:
- Generate $p$: random big prime of your 64 bits.
- Generate $a$ and $b$: in $\mathbb{F}_{p}$
- Check non zero discriminant: $\Delta\neq 0$
- Calculate the cardinal $|E(\mathbb{F}_p)|$
- Check this cardinal is in the hasse interval
- Check this cardinal factorises in $n$ and $h$ where $h<<<n$ and $h\in[1,2,4]$
If steps 3, 5 and 6 fails, go back to step 2 or even 1.
At this point you have a cryptographically good curve, then you need the cyclic subgroup where the ECDLP will protect your secrets.
- Generate a random $x\in_R \mathbb{F}_p$ until you find a valid point in your curve. (for a valid $x$ there will be two $y$, select at random).
- Check $[n]G=\mathcal{O}_E$
Same than before, if you random point doesn't pass check 2, repeat. But the probability to find a good one is bigger as your cofactor $h$ is smaller.
As you can see, this process is not light and it becomes heavier and heavier (exponentially) when you increase your 64 bits.
