constant-time-testing

# Constant-Time Testing Timing attacks exploit variations in execution time to extract secret information from cryptographic implementations. Unlike cryptanalysis that targets theoretical weaknesses, timing attacks leverage implementation flaws - and they can affect any cryptographic code. ## Background Timing attacks were introduced by [Kocher](https://paulkocher.com/doc/TimingAttacks.pdf) in 1996. Since then, researchers have demonstrated practical attacks on RSA ([Schindler](https://link.springer.com/content/pdf/10.1007/3-540-44499-8_8.pdf)), OpenSSL ([Brumley and Boneh](https://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf)), AES implementations, and even post-quantum algorithms like [Kyber](https://eprint.iacr.org/2024/1049.pdf). ### Key Concepts | Concept | Description | |---------|-------------| | Constant-time | Code path and memory accesses independent of secret data | | Timing leakage | Observable execution time differences correlated with secrets | | Side channel | Information extracted from implementation rather than algorithm | | Microarchitecture | CPU-level timing differences (cache, division, shifts) | ### Why This Matters Timing vulnerabilities can: - **Expose private keys** - Extract secret exponents in RSA/ECDH - **Enable remote attacks** - Network-observable timing differences - **Bypass cryptographic security** - Undermine theoretical guarantees - **Persist silently** - Often undetected without specialized analysis Two prerequisites enable explo...