constant-time-testing
Guides developers through detecting and preventing side-channel attacks, timing leaks, and constant-time violations in cryptographic implementations. Covers techniques for identifying timing side channels in crypto code, including cache-timing attacks, secret-dependent branching, and microarchitectural leakage. Applies formal verification, statistical analysis (dudect), and dynamic tracing (timecop) to audit crypto primitives for timing vulnerabilities and ensure constant-time execution.
Installation and usage
Guides developers through detecting and preventing side-channel attacks, timing leaks, and constant-time violations in cryptographic implementations. Covers techniques for identifying timing side channels in crypto code, including cache-timing attacks, secret-dependent branching, and microarchitectural leakage. Applies formal verification, statistical analysis (dudect), and dynamic tracing (timecop) to audit crypto primitives for timing vulnerabilities and ensure constant-time execution.
Once installed, you can use this skill by running the following command in your terminal:
skills use constant-time-testing