Particularly relevant high-level from the PDF:
In a nutshell, the key extraction attack relies on crafting chosen ciphertexts that cause numerical
cancellations deep inside GnuPG’s modular exponentiation algorithm. This causes the special value
zero to appear frequently in the innermost loop of the algorithm, where it affects control flow. A single
iteration of that loop is much too fast for direct acoustic observation, but the effect is repeated and
amplified over many thousands of iterations, resulting in a gross leakage effect that is discernible in the
acoustic spectrum over hundreds of milliseconds.