Sorting is a subroutine in various submissions to NIST's competition for new standards for post-quantum cryptography.

The time for sorting depends on the size of the array being sorted (although one can work around this by padding to a maximum size). This is not an issue in the cryptographic context: the array sizes are standard.

With most sorting software, the time for sorting also depends on the contents of the array: secrets influence attacker-observable timing through the branch predictor, the cache state, etc. Trying to figure out whether this leaks are large enough to cause security problems is an auditing nightmare.

djbsort systematically avoids secret branch conditions and secret array indices. It uses only simple arithmetic instructions that are believed to run in constant time with all common compilers on all supported CPUs.

Version: This is version 2018.07.10 of the "Security" web page.