Snapshot fuzzing #77

Merged: 6 commits, Apr 8, 2025
4 changes: 2 additions & 2 deletions content/docs/crypto/constant_time_tool/_index.md
Expand Up @@ -25,7 +25,7 @@ The second section focuses on different [tools](#constant-time-tooling) practiti

## Background

Timing attacks on cryptographic implementations were introduced by [Kocher](https://paulkocher.com/doc/TimingAttacks.pdf) in 1996\. Over the years, various researchers have expanded on these attacks. Notably, [Schindler](https://www.torsten-schuetze.de/sommerakademie2009/papers-sekundaer/Schindler\_Timing\_2000.pdf) demonstrated attacks on RSA implementations, which used a specific optimization improvement, and in 2005, Brumley and Boneh published [Remote Timing Attacks are Practical](https://crypto.stanford.edu/\~dabo/papers/ssl-timing.pdf), successfully extracting secret keys from OpenSSL. Also, symmetric ciphers like AES can be vulnerable to timing attacks, as shown in [Cache-timing attacks on AES](https://mimoza.marmara.edu.tr/\~msakalli/cse466\_09/cache%20timing-20050414.pdf).
Timing attacks on cryptographic implementations were introduced by [Kocher](https://paulkocher.com/doc/TimingAttacks.pdf) in 1996\. Over the years, various researchers have expanded on these attacks. Notably, [Schindler](https://www.torsten-schuetze.de/sommerakademie2009/papers-sekundaer/Schindler\_Timing\_2000.pdf) demonstrated attacks on RSA implementations, which used a specific optimization improvement, and in 2005, Brumley and Boneh published [Remote Timing Attacks are Practical](https://crypto.stanford.edu/\~dabo/papers/ssl-timing.pdf), successfully extracting secret keys from OpenSSL. Also, symmetric ciphers like AES can be vulnerable to timing attacks, as shown in [Cache-timing attacks on AES](https://cr.yp.to/antiforgery/cachetiming-20050414.pdf).
More recently, the post-quantum algorithm Kyber was found to have timing vulnerabilities in its official implementation, dubbed [KyberSlash](https://eprint.iacr.org/2024/1049.pdf). The [CWE-385](https://cwe.mitre.org/data/definitions/385.html) catalog tracks timing vulnerabilities found in implementations.

Generally, to exploit a timing attack, two key prerequisites must be met:
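Review bot: Pointing the cache-timing citation at the author's own host (cr.yp.to) instead of a university course mirror is the right fix, but the Schindler citation on the same line still resolves to a third-party course-materials mirror (torsten-schuetze.de), so the same link-rot risk this commit addresses remains one reference to the left; if a publisher or author copy is available it belongs in the same commit. Minor style point on the added line: it carries over the backslash escapes in `1996\.` and `\~dabo`, which are unnecessary in this Markdown and are absent from the equivalent line in the next hunk (`~msakalli` is written without an escape there); dropping them keeps the two hunks consistent.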
Expand Down Expand Up @@ -64,7 +64,7 @@ When writing code that performs any operation using secret data, one should cons

**Conditional jumps** result in executing different instructions and generally lead to the most significant time differences out of the four patterns. Making the program's execution flow dependent on secret data will lead to vast timing differences, depending on how different the two branches are.

**Array access** and more general memory access, dependent on secret data, can be used to extract the indexing value due to timing differences when accessing memory locations. These timing differences primarily stem from the utilization of caches and whether or not a given value is inside the cache. Ciphers like AES, which use substitution tables dependent on secret data, are suitable for this attack even over the network, as demonstrated here [Cache-timing attacks on AES](https://mimoza.marmara.edu.tr/~msakalli/cse466_09/cache%20timing-20050414.pdf).
**Array access** and more general memory access, dependent on secret data, can be used to extract the indexing value due to timing differences when accessing memory locations. These timing differences primarily stem from the utilization of caches and whether or not a given value is inside the cache. Ciphers like AES, which use substitution tables dependent on secret data, are suitable for this attack even over the network, as demonstrated here [Cache-timing attacks on AES](https://cr.yp.to/antiforgery/cachetiming-20050414.pdf).

**Integer division and shift operations** can leak the secret if the divisor or the amount by which the value is shifted depends on secret data.
These operations can leak the secret data depending on the CPU architecture or compiler used.
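Review bot: Same URL substitution as in the first hunk, so both citations of the AES cache-timing paper now agree; good. Since this line is being touched anyway, two wording points on it: "are suitable for this attack" suggests AES is a good target by design, where the intended meaning is "are susceptible to this attack"; and "as demonstrated here [Cache-timing attacks on AES]" uses "here" as a dangling anchor, so "as demonstrated in [Cache-timing attacks on AES](...)" reads more naturally and keeps the paper title as the link text.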
803 changes: 803 additions & 0 deletions content/docs/fuzzing/5-snapshot.md

Large diffs are not rendered by default.

Binary file added content/docs/fuzzing/5-snapshot/figure1.png
Binary file added content/docs/fuzzing/5-snapshot/figure2.png
Binary file added content/docs/fuzzing/5-snapshot/figure3.png
Binary file added content/docs/fuzzing/5-snapshot/figure4.png
Binary file added content/docs/fuzzing/5-snapshot/figure5.png
Binary file added content/docs/fuzzing/5-snapshot/figure6.png
Binary file added content/docs/fuzzing/5-snapshot/figure7.png