This was my first instinct uppon reading the title.
Up untill sliding windows, there is at least a paragraph dedicated to making the algorithm constant time. It is not mentioned why this is important, but at least it is somewhat noticeable. After that, the idea of being constant time gradually disappears.
At one point, he moves towards EdDSA. Ironically, (if I recall correctly) EdDSA was seen as an improvement over EcDsa partially because it is easier to avoid timing side-channel attacks.
> After that, the idea of being constant time gradually disappears.
It does make a come back for combs (considering that fixed point multiplication is used to process secrets). The very last words of the article are "constant time".
> Ironically, (if I recall correctly) EdDSA was seen as an improvement over EcDsa partially because it is easier to avoid timing side-channel attacks.
It is. It's just that EdDSA verification doesn't need to be constant time at all. That's why sliding windows are so useful. Signatures and public key generation do need to be constant time, so I haven't mentioned sliding combs.
Up untill sliding windows, there is at least a paragraph dedicated to making the algorithm constant time. It is not mentioned why this is important, but at least it is somewhat noticeable. After that, the idea of being constant time gradually disappears.
At one point, he moves towards EdDSA. Ironically, (if I recall correctly) EdDSA was seen as an improvement over EcDsa partially because it is easier to avoid timing side-channel attacks.