A method of generating a cryptographic key between two users. First, the users select an elliptic curve. Next, the users select a point P on the curve. Next, the first user selects integers r.sub.a and w.sub.a and the second user selects integers r.sub.b and w.sub.b. Next, the first user generates points R.sub.a=r.sub.aP and W.sub.a=w.sub.aP and the second user generates points R.sub.b=r.sub.bP and W.sub.b=w.sub.bP. Next, the first user transmits R.sub.a and W.sub.a to the second user and the second user transmits R.sub.b and W.sub.b to the first user. Next, the first user generates c.sub.a from what it possesses while the second user generates c.sub.b from what it possesses in equivalent fashion. Next, the first user generates g.sub.a as a function of w.sub.a, r.sub.a, W.sub.b, and R.sub.b and the second user generates g.sub.b as a function of w.sub.b, r.sub.b, W.sub.a, and R.sub.a, in equivalent fashion. Next, the first user binarily expands on c.sub.a and g.sub.a in joint sparse form and the second user does the same on c.sub.b and g.sub.b. Next, the first user generates a point K by computing c.sub.aW.sub.b+g.sub.aR.sub.b via twin multiplication, double-add-subtract method, and the binary expansions in joint sparse form and the second user generates the point K by computing c.sub.bW.sub.a+g.sub.bR.sub.a in similar fashion. The last step is for each user to derive the cryptographic key from K in the same manner.