diff --git a/ec2n.h b/ec2n.h
index da783734..b300644f 100644
--- a/ec2n.h
+++ b/ec2n.h
@@ -18,7 +18,8 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 
-//! Elliptic Curve Point
+//! \class EC2NPoint
+//! \brief Elliptical Curve Point over GF(2^n)
 struct CRYPTOPP_DLL EC2NPoint
 {
 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
@@ -40,7 +41,8 @@ struct CRYPTOPP_DLL EC2NPoint
 
 CRYPTOPP_DLL_TEMPLATE_CLASS AbstractGroup<EC2NPoint>;
 
-//! Elliptic Curve over GF(2^n)
+//! \class EC2N
+//! \brief Elliptic Curve over GF(2^n)
 class CRYPTOPP_DLL EC2N : public AbstractGroup<EC2NPoint>
 {
 public:
@@ -52,14 +54,23 @@ public:
 	virtual ~EC2N() {}
 #endif
 
+	//! \brief Construct an EC2N
 	EC2N() {}
+
+	//! \brief Construct an EC2N
+	//! \param field Field, GF2NP derived class
+	//! \param a Field::Element
+	//! \param b Field::Element
 	EC2N(const Field &field, const Field::Element &a, const Field::Element &b)
 		: m_field(field), m_a(a), m_b(b) {}
-	// construct from BER encoded parameters
-	// this constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
+
+	//! \brief Construct an EC2N from BER encoded parameters
+	//! \param bt BufferedTransformation derived object
+	//! \details This constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
 	EC2N(BufferedTransformation &bt);
 
-	// encode the fields fieldID and curve of the sequence ECParameters
+	//! \brief Encode the fields fieldID and curve of the sequence ECParameters
+	//! \param bt BufferedTransformation derived object
 	void DEREncode(BufferedTransformation &bt) const;
 
 	bool Equal(const Point &P, const Point &Q) const;
@@ -105,9 +116,15 @@ private:
 CRYPTOPP_DLL_TEMPLATE_CLASS DL_FixedBasePrecomputationImpl<EC2N::Point>;
 CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupPrecomputation<EC2N::Point>;
 
-template <class T> class EcPrecomputation;
+//! \class EcPrecomputation
+//! \brief Elliptic Curve precomputation
+//! \tparam EC elliptic curve field
+template <class EC> class EcPrecomputation;
 
-//! EC2N precomputation
+//! \class EcPrecomputation<EC2N>
+//! \brief EC2N precomputation specialization
+//! \details Implementation of <tt>DL_GroupPrecomputation<EC2N::Point></tt>
+//! \sa DL_GroupPrecomputation
 template<> class EcPrecomputation<EC2N> : public DL_GroupPrecomputation<EC2N::Point>
 {
 public:
diff --git a/eccrypto.h b/eccrypto.h
index 9432fbf7..47be169d 100644
--- a/eccrypto.h
+++ b/eccrypto.h
@@ -284,10 +284,7 @@ struct DL_Keys_EC
 #endif
 };
 
-//! \class ECDSA
-//! \brief Elliptic Curve DSA
-//! \tparam EC elliptic curve field
-//! \tparam H HashTransformation derived class
+// Forward declaration; documented below
 template <class EC, class H>
 struct ECDSA;
 
@@ -374,11 +371,11 @@ struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMe
 //!   Schemes with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
 //! \details If you desire an Integrated Encryption Scheme with Crypto++ 4.2 compatibility, then use the ECIES template class with
 //!   <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
-//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.55 and Botan 1.11 compatibility, then use the ECIES
+//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the ECIES
 //!   template class with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=true</tt> and <tt>LABEL_OCTETS=false</tt>.
-//! \details Bouncy Castle 1.55 and Botan 1.11 compatibility are the default template parameters. The combination of
+//! \details The default template parameters ensure compatibility with Bouncy Castle 1.54 and Botan 1.11. The combination of
 //!   <tt>IncompatibleCofactorMultiplication</tt> and <tt>DHAES_MODE=true</tt> is recommended for best efficiency and security.
-//!   SHA1 is used for compatibility reasons, but it can be changed of if desired. SHA-256 or another hash will likely improve the
+//!   SHA1 is used for compatibility reasons, but it can be changed if desired. SHA-256 or another hash will likely improve the
 //!   security provided by the MAC. The hash is also used in the key derivation function as a PRF.
 //! \details Below is an example of constructing a Crypto++ 4.2 compatible ECIES encryptor and decryptor.
 //! <pre>
@@ -392,7 +389,7 @@ struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMe
 //! \sa DLIES, <a href="http://www.weidai.com/scan-mirror/ca.html#ECIES">Elliptic Curve Integrated Encryption Scheme (ECIES)</a>,
 //!   Martínez, Encinas, and Ávila's <A HREF="http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf">A Survey of the Elliptic
 //!   Curve Integrated Encryption Schemes</A>
-//! \since Crypto++ 4.0
+//! \since Crypto++ 4.0, Crypto++ 5.6.6 for Bouncy Castle and Botan compatibility
 template <class EC, class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = true, bool LABEL_OCTETS = false>
 struct ECIES
 	: public DL_ES<
diff --git a/ecp.h b/ecp.h
index b4bde16f..471dc71c 100644
--- a/ecp.h
+++ b/ecp.h
@@ -16,14 +16,20 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 
-//! Elliptical Curve Point
+//! \class ECPPoint
+//! \brief Elliptical Curve Point over GF(p), where p is prime
 struct CRYPTOPP_DLL ECPPoint
 {
 #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
 	virtual ~ECPPoint() {}
 #endif
 
+	//! \brief Construct an ECPPoint
+	//! \details identity is set to <tt>true</tt>
 	ECPPoint() : identity(true) {}
+
+	//! \brief Construct an ECPPoint from coordinates
+	//! \details identity is set to <tt>false</tt>
 	ECPPoint(const Integer &x, const Integer &y)
 		: x(x), y(y), identity(false) {}
 
@@ -38,7 +44,8 @@ struct CRYPTOPP_DLL ECPPoint
 
 CRYPTOPP_DLL_TEMPLATE_CLASS AbstractGroup<ECPPoint>;
 
-//! Elliptic Curve over GF(p), where p is prime
+//! \class ECP
+//! \brief Elliptic Curve over GF(p), where p is prime
 class CRYPTOPP_DLL ECP : public AbstractGroup<ECPPoint>
 {
 public:
@@ -50,15 +57,29 @@ public:
 	virtual ~ECP() {}
 #endif
 
+	//! \brief Construct an ECP
 	ECP() {}
+
+	//! \brief Copy construct an ECP
+	//! \param ecp the other ECP object
+	//! \param convertToMontgomeryRepresentation flag indicating if the curve should be converted to a MontgomeryRepresentation
+	//! \sa ModularArithmetic, MontgomeryRepresentation
 	ECP(const ECP &ecp, bool convertToMontgomeryRepresentation = false);
+
+	//! \brief Construct an ECP
+	//! \param modulus the prime modulus
+	//! \param a Field::Element
+	//! \param b Field::Element
 	ECP(const Integer &modulus, const FieldElement &a, const FieldElement &b)
 		: m_fieldPtr(new Field(modulus)), m_a(a.IsNegative() ? modulus+a : a), m_b(b) {}
-	// construct from BER encoded parameters
-	// this constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
+
+	//! \brief Construct an ECP from BER encoded parameters
+	//! \param bt BufferedTransformation derived object
+	//! \details This constructor will decode and extract the the fields fieldID and curve of the sequence ECParameters
 	ECP(BufferedTransformation &bt);
 
-	// encode the fields fieldID and curve of the sequence ECParameters
+	//! \brief Encode the fields fieldID and curve of the sequence ECParameters
+	//! \param bt BufferedTransformation derived object
 	void DEREncode(BufferedTransformation &bt) const;
 
 	bool Equal(const Point &P, const Point &Q) const;
@@ -107,9 +128,16 @@ private:
 CRYPTOPP_DLL_TEMPLATE_CLASS DL_FixedBasePrecomputationImpl<ECP::Point>;
 CRYPTOPP_DLL_TEMPLATE_CLASS DL_GroupPrecomputation<ECP::Point>;
 
-template <class T> class EcPrecomputation;
+//! \class EcPrecomputation
+//! \brief Elliptic Curve precomputation
+//! \tparam EC elliptic curve field
+template <class EC> class EcPrecomputation;
 
-//! ECP precomputation
+//! \class EcPrecomputation<ECP>
+//! \brief ECP precomputation specialization
+//! \details Implementation of <tt>DL_GroupPrecomputation<ECP::Point></tt> with input and output
+//!   conversions for Montgomery modular multiplication.
+//! \sa DL_GroupPrecomputation, ModularArithmetic, MontgomeryRepresentation
 template<> class EcPrecomputation<ECP> : public DL_GroupPrecomputation<ECP::Point>
 {
 public:
diff --git a/gfpcrypt.h b/gfpcrypt.h
index f97599a0..24f6e6eb 100644
--- a/gfpcrypt.h
+++ b/gfpcrypt.h
@@ -1,10 +1,11 @@
+// gfpcrypt.h - written and placed in the public domain by Wei Dai
+
+//! \file eccrypto.h
+//! \brief Classes and functions for schemes based on Discrete Logs (DL) over GF(p)
+
 #ifndef CRYPTOPP_GFPCRYPT_H
 #define CRYPTOPP_GFPCRYPT_H
 
-/** \file
-	Implementation of schemes based on DL over GF(p)
-*/
-
 #include "config.h"
 
 #if CRYPTOPP_MSC_VERSION
@@ -544,9 +545,9 @@ CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<D
 //!   Ecryption Schemes with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
 //! \details If you need this method for Crypto++ 4.2 compatibility, then use the ECIES template class with
 //!   <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
-//! \details If you need this method for Bouncy Castle 1.55 and Botan 1.11 compatibility, then use the ECIES template class with
+//! \details If you need this method for Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the ECIES template class with
 //!   <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=ture</tt> and <tt>LABEL_OCTETS=false</tt>.
-//! \details Bouncy Castle 1.55 and Botan 1.11 compatibility are the default template parameters.
+//! \details Bouncy Castle 1.54 and Botan 1.11 compatibility are the default template parameters.
 //! \since Crypto++ 4.0
 template <class MAC, bool DHAES_MODE, bool LABEL_OCTETS=false>
 class DL_EncryptionAlgorithm_Xor : public DL_SymmetricEncryptionAlgorithm
@@ -678,11 +679,11 @@ public:
 //!   Schemes with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
 //! \details If you desire an Integrated Encryption Scheme with Crypto++ 4.2 compatibility, then use the DLIES template class with
 //!   <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=false</tt> and <tt>LABEL_OCTETS=true</tt>.
-//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.55 and Botan 1.11 compatibility, then use the DLIES
+//! \details If you desire an Integrated Encryption Scheme with Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the DLIES
 //!   template class with <tt>NoCofactorMultiplication</tt>, <tt>DHAES_MODE=true</tt> and <tt>LABEL_OCTETS=false</tt>.
-//! \details Bouncy Castle 1.55 and Botan 1.11 compatibility are the default template parameters. The combination of
+//! \details The default template parameters ensure compatibility with Bouncy Castle 1.54 and Botan 1.11. The combination of
 //!   <tt>IncompatibleCofactorMultiplication</tt> and <tt>DHAES_MODE=true</tt> is recommended for best efficiency and security.
-//!   SHA1 is used for compatibility reasons, but it can be changed of if desired. SHA-256 or another hash will likely improve the
+//!   SHA1 is used for compatibility reasons, but it can be changed if desired. SHA-256 or another hash will likely improve the
 //!   security provided by the MAC. The hash is also used in the key derivation function as a PRF.
 //! \details Below is an example of constructing a Crypto++ 4.2 compatible DLIES encryptor and decryptor.
 //! <pre>
@@ -696,7 +697,7 @@ public:
 //! \sa ECIES, <a href="http://www.weidai.com/scan-mirror/ca.html#DLIES">Discrete Log Integrated Encryption Scheme (DLIES)</a>,
 //!   Martínez, Encinas, and Ávila's <A HREF="http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf">A Survey of the Elliptic
 //!   Curve Integrated Encryption Schemes</A>
-//! \since Crypto++ 4.0
+//! \since Crypto++ 4.0, Crypto++ 5.6.6 for Bouncy Castle and Botan compatibility
 template <class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = true, bool LABEL_OCTETS=false>
 struct DLIES
 	: public DL_ES<