I for one will probably add a flag for conditional compilation of my bignumber library so that it will take constant time. This may be a %10 slow down (using small windows exponentiation) which is trivial compared to the %30 speedup I will probably get when I implement a faster mod function :-).
Careful. Even if you can make the number of executed instructions the same, you still have to worry about timing differences due to branches and the way the hardware multiplier handles different operands.
No, he's saying to equalize wall-clock time---just pad out beyond the largest possible execution time with a timer. Surely with a sufficient pad the timing-channel leak can be made negligible (though the author seems to claim otherwise---I should read the explanation!). Peter Monta