There is obviously plenty of literature about side channel attacks, particularly timing attacks (which you have contributed to ;-)).
But, among 'lay programmers' I've met, I would say that more than 9/10 have no idea what a 'side channel attack' is. In my experience, its unusual (~ 3/10) for a programmer to know what asymmetric encryption is. I don't expect most programmers to know the particular math behind RSA (let alone ECC/etc), but many don't even the general idea of having a function and its inverse with properties A, B, and C.
I suspect that the majority of people who "use" RSA don't feel like they need to understand the math behind it, even though the math behind it has practical security consequences.
I think that plenty of people feel confident rolling RSA or DH into a protocol design precisely because they do understand the math. The structure of both algorithms is very simple (In the case of DH maybe even trivial), but if you don't understand dozens of (not-very-obvious) attacks against both algorithms you're never going to be able to use them or implement them correctly.
But, among 'lay programmers' I've met, I would say that more than 9/10 have no idea what a 'side channel attack' is. In my experience, its unusual (~ 3/10) for a programmer to know what asymmetric encryption is. I don't expect most programmers to know the particular math behind RSA (let alone ECC/etc), but many don't even the general idea of having a function and its inverse with properties A, B, and C.