Caveat: I am also a high level programmer. My understanding is that the problem is that the data in the cache _isn't_ rolled back. You fetch the secret data. You then fetch a different memory address based on the contents of the secret data e.g. fetch((secret_bit * 128) + offset) [1] so if secret_bit is 0 it's fetched the memory at offset into the cache, if secret_bit is 1 it's fetched the memory at offset+128 into the cache. After the speculative work is rolled back, the data that it fetched into the cache still remains. You then time how long it takes to fetch offset and offset+128. If offset comes back quickly, secret_bit was 0. If offset+128 comes back quickly, secret_bit was 1. _That_ is where the timing attack part comes in: "timing attack" refers to using measurements of how long something took to glean information, not that you need to do it quickly.

[1] In reality you do it on the byte level and use &, but I wanted to keep it to guessing a single bit to make it simpler.
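A toy simulation of the mechanism this comment describes, added here as an example (it is not the commenter's code and models no real hardware): the register holding the secret bit is discarded when speculation is rolled back, the cache line it selected is not, and comparing modelled access latencies recovers the bit. It also carries footnote [1]'s byte-level generalisation using a mask. The latencies, the base offset and the 128-byte stride are constructed values.

```python
"""Constructed model of a cache side channel: architectural state is rolled
back after mis-speculation, cache residency is not."""

LINE = 128                  # stride between the two candidate lines (as in the comment)
HIT_NS, MISS_NS = 10, 200   # modelled latencies (constructed, not measured)


class ToyCache:
    """A set of resident line addresses; access() returns a modelled latency."""

    def __init__(self):
        self.lines = set()

    def flush(self):
        self.lines.clear()

    def access(self, addr):
        latency = HIT_NS if addr in self.lines else MISS_NS
        self.lines.add(addr)      # the line stays resident after the access
        return latency


def speculative_window(cache, secret_byte, bit, offset):
    """Transient execution: read one secret bit, touch a line chosen by it.
    The bit itself is squashed (we return nothing); the cache fill survives."""
    secret_bit = (secret_byte >> bit) & 1     # byte level plus a mask, per footnote [1]
    cache.access(offset + secret_bit * LINE)
    return None                               # architectural result rolled back


def recover_bit(cache, offset):
    """Time both candidate lines; the one that comes back fast names the bit."""
    t0 = cache.access(offset)
    t1 = cache.access(offset + LINE)
    return 0 if t0 < t1 else 1


def recover_byte(secret_byte, offset=0x1000):
    """Leak all eight bits, one speculative window per bit."""
    cache = ToyCache()
    value = 0
    for bit in range(8):
        cache.flush()                          # start each round from a cold cache
        speculative_window(cache, secret_byte, bit, offset)
        value |= recover_bit(cache, offset) << bit
    return value
```

On real hardware the two latencies come from a cycle counter and are noisy, which is why practical measurements are repeated and thresholded rather than compared once as here.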
I was under the impression that there is no interface to read data from the CPU caches and that the cache is managed by the CPU itself only.