Timing side-channels remain an important threat to cryptographic implementations, and the advent of post-quantum cryptography sharpens the issue because lattice-based schemes combine complex arithmetic with control flow and may therefore exhibit secret-dependent timing variability. Since real timing measurements are also affected by environmental noise (e.g. scheduling effects, contention, heavy-tailed delays), this work proposes a scenario-based statistical risk model that treats timing leakage as a problem of distributional distinguishability under controlled execution conditions. We synthesize traces for two secret classes under idle, jitter and loaded scenarios and for multiple leakage models, quantify leakage with Welch's t-test, KS distance, Cliff's delta, mutual information and distribution overlap, and combine these metrics in a TLRI-like manner into a consistent score for ranking scenarios. Across representative lattice-based KEM families (Kyber, Saber, Frodo), idle conditions generally give the best distinguishability, while jitter and loaded conditions erode it through increased variance and increased overlap; cache-index and branch-style leakage tends to give the highest risk signals, and faster schemes can show a higher peak risk under similar leakage assumptions. The model allows reproducible comparisons at an early design stage, prior to platform-specific validation.
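A minimal version of the pipeline sketched in the abstract, as an added example that is not code from the paper: it synthesizes traces for two secret classes under a branch-style leakage model in idle, jitter and loaded scenarios, computes the five metrics named above, and aggregates them into one score per scenario. The scenario noise parameters, the 1000 ns baseline, the 20 ns leak and the equal-weight aggregation are constructed assumptions, not the paper's TLRI definition.

```python
import bisect, math, random, statistics

# Constructed scenario parameters (ns), not measured data; "loaded" adds occasional heavy-tailed delays.
SCENARIOS = {"idle": dict(noise_sd=5.0, tail_p=0.0),
             "jitter": dict(noise_sd=30.0, tail_p=0.0),
             "loaded": dict(noise_sd=30.0, tail_p=0.1)}

def synth_traces(n, leak_ns, noise_sd, tail_p, seed=1):
    """Branch-style leakage model: secret class 1 takes a path that is leak_ns slower."""
    rng = random.Random(seed)
    def sample(shift):
        t = 1000.0 + shift + rng.gauss(0.0, noise_sd)
        return t + (rng.expovariate(1 / 200.0) if rng.random() < tail_p else 0.0)
    return [sample(0.0) for _ in range(n)], [sample(leak_ns) for _ in range(n)]

def welch_t(a, b):
    va, vb = statistics.variance(a), statistics.variance(b)
    return (statistics.fmean(a) - statistics.fmean(b)) / math.sqrt(va / len(a) + vb / len(b))
def ks_distance(a, b):  # supremum distance between the two empirical CDFs
    sa, sb = sorted(a), sorted(b)
    return max(abs(bisect.bisect_right(sa, x) / len(sa) - bisect.bisect_right(sb, x) / len(sb))
               for x in sa + sb)
def cliffs_delta(a, b):  # (#pairs with a > b - #pairs with a < b) / (n * m)
    sb = sorted(b)
    gt = sum(bisect.bisect_left(sb, x) for x in a)
    lt = sum(len(sb) - bisect.bisect_right(sb, x) for x in a)
    return (gt - lt) / (len(a) * len(b))
def _hists(a, b, bins=20):  # normalised histograms of both classes over shared bins
    lo, hi = min(a + b), max(a + b)
    w = (hi - lo) / bins or 1.0
    def h(x):
        counts = [0] * bins
        for v in x:
            counts[min(int((v - lo) / w), bins - 1)] += 1
        return [c / len(x) for c in counts]
    return h(a), h(b)
def overlap(a, b):
    return sum(min(p, q) for p, q in zip(*_hists(a, b)))
def mutual_info(a, b):  # I(secret; binned timing) in bits; balanced classes, so p(t) = (p + q) / 2
    return sum(0.5 * r * math.log2(2 * r / (p + q))
               for p, q in zip(*_hists(a, b)) for r in (p, q) if r > 0)
def risk_score(a, b):
    """Assumed aggregation, not the paper's TLRI: mean of the five metrics, each mapped to [0, 1]."""
    t = min(abs(welch_t(a, b)) / 4.5, 1.0)  # 4.5 is the customary TVLA t-test threshold
    return statistics.fmean([t, ks_distance(a, b), abs(cliffs_delta(a, b)),
                             1.0 - overlap(a, b), min(mutual_info(a, b), 1.0)])
def rank_scenarios(n=400, leak_ns=20.0):
    scores = {k: risk_score(*synth_traces(n, leak_ns, **p)) for k, p in SCENARIOS.items()}
    return sorted(scores.items(), key=lambda kv: -kv[1])
```

Running `rank_scenarios()` reproduces the qualitative ordering the abstract reports: the idle scenario scores highest and the loaded scenario lowest, because added variance and heavy tails inflate the overlap between the two class distributions.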