A method of cryptographic key exchange by two users agreeing on an elliptic curve of the form y.sup.2 +xy=x.sup.3 +ax.sup.2 +1, where "a" is a member of a field F.sub.2, where the elliptic curve is defined over a field F.sub.2 m, where m is an integer; agreeing on a point G as the base point of the elliptic curve, where the point G is of order q, and where q is an integer; generating a private integer x.sub.A by a first user; reducing x.sub.A by mod (.tau..sup.m -1) in the form of w+z.tau. by the first user; generating a base tau expansion, in non-adjacent form, of the modular reduced x.sub.A by the first user; multiplying G by the base tau expansion of the modular reduced x.sub.A ; transmitting the product to the second user; receiving, by the first user, a value y.sub.B from the second user that is based on a private integer x.sub.B of the second user, where the received value is computed in a similar manner as was the product transmitted to the second user; multiplying, by the first user, x.sub.A by the value received from the second user in order to form a common secret point; multiplying, by the second user, x.sub.B by the value received from the first user in order to form the common secret point; and the two users each deriving the same cryptographic key from the common secret point.Method of elliptic curve cryptographic key exchange using reduced base tau expansion in non-adjacent form621227903/04/200123/07/19982001985Reiter; Robert W.Solinas; Jerome A.US Patent and Trademark OfficeGoogle Patent Searchpatentimages.storage.googleapis.com/US6212279B1/US06212279-20010403-D00000.pngUniquesecond userfirst usercommon secret pointbase tau expansionelliptic curvecryptographic key exchangemodular reduced x.sub.afield f.subnon-adjacent formorder