Without constant indirection with encryption, the attacker would loop over all the chunks of his vault with a slight delay between the get requests so that when it is again the turn of a chunk it has been removed from cache.
I gave some example figures in this post.