Libgcrypt's RSA-1024 implementation using left-to-right method for computing the sliding-window expansion was found to be vulnerable to cache side-channel attack resulting into complete break of RSA-1024. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526
