ionescu radu

Reputation: 39

Spectre attack via JavaScript: why is TABLE1_BYTES = 2^25?

I am reading the Spectre Paper [1] and don't understand why the bitwise AND is needed and why TABLE1_BYTES is 2^25.

if (index < simpleByteArray.length) {
  index = simpleByteArray[index | 0];
  index = (((index * TABLE1_STRIDE)|0) & (TABLE1_BYTES-1))|0;
  localJunk ^= probeTable[index|0]|0;
}

We know from the paper that:

TABLE1_STRIDE = 4096
TABLE1_BYTES = 2^25

As per my understanding, the stride is 4k such that the secret values will be in different cache-lines within the cache set. In the paper it says:

The clflush instruction is not accessible from JavaScript, so cache flushing was performed by reading a series of addresses at 4096-byte intervals out of a large array. Because of the memory and cache configuration on Intel processors, a series of ~2000 such reads (depending on the processor’s cache size) were adequate evict out the data from the processor’s caches for addresses having the same value in address bits 11–6

I still don't get why the bitwise AND is needed and why TABLE1_BYTES is so large.

[1]: https://spectreattack.com/spectre.pdf

Upvotes: 0

Views: 40

Answers (0)
