Ellen Jochemsz
| We give an overview of attacks on RSA using lattices, where the factorization of the modulus can be recovered by using the fact that 'bad' parameter choices have been made (for instance, a small public key or a small private key) or part of the private key has been exposed by performing side channel attacks. |