Design and Implementation of a Chip Side-Channel Security Evaluation Platform and Research on Fault Attacks against SM4

Implementation of Side-Channel Security Analysis Platform on Chips and Study of Fault Attack on SM4 Algorithms

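Author: Lei Qian (雷潜)
  • Student ID
    2013******
  • Degree
    Master's
  • Email
    lqx******com
  • Defense date
    2016.05.30
  • Advisor
    Pan Liyang (潘立阳)
  • Discipline
    Integrated Circuit Engineering
  • Pages
    73
  • Classification level
    Public
  • Department
    026 Department of Microelectronics and Nanoelectronics
  • Chinese keywords
    smart IC card, side-channel attack techniques, SM4 algorithm, masking, zero-value attack
  • English keywords
    smart card,side-channel attack,SM4,mask,zero attack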

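Abstract

The wide adoption of smart card technology has made production activities more convenient and improved quality of life, but its security faces the threat of side-channel attack techniques, which forces smart card manufacturers to keep strengthening their ability to design smart card chips that resist side-channel attacks. At present, chip evaluation organizations in China mainly use foreign side-channel analysis equipment, which lacks support for the Chinese national cryptographic algorithms. As a result, domestic smart card chips are generally weak at resisting side-channel attacks, and the market share of domestic smart cards is relatively low. The national "13th Five-Year Plan" calls for vigorously promoting domestic chips in the market and replacing imported chips with domestic ones, which makes it necessary to develop an evaluation platform that can test the security of domestic smart card chips.

Drawing on the working principles of smart cards and the causes of side-channel information leakage from chips, and building on the platform work of earlier members of the research group, this thesis designs and implements a software platform for evaluating chip side-channel security. The platform successfully controls acquisition equipment to extract power and electromagnetic information from real contact and contactless smart IC cards, and it recovered the encryption key of a contactless smart IC card chip using 1300 electromagnetic traces. Compared with the attack results of earlier members of the research group, attack efficiency improved by 90%. For fault attacks, the platform, by controlling a man-in-the-middle platform that implements the ISO-7816 protocol, successfully injected clock faults and voltage faults into a contact smart IC card chip.

To improve the ability to design SM4 chips that resist fault attacks, this thesis also proposes clock fault attack methods against three kinds of SM4 implementations. The methods use the sensitivity of setup-time violations to different fault frequencies to build a zero-value attack model and thereby recover the round key used in the first round of SM4. To verify this theory, the thesis builds a complete combined hardware and software experimental platform, on which one clock fault attack experiment takes only 3 minutes. In one clock fault attack, 256×4 fault injections are enough to recover the complete 32-bit round key of the first round, and the number of plaintexts required is 256×4. Compared with other fault attack methods, the proposed method does not need to obtain the actual faulty ciphertext, and it yields the round key directly without additional key hypotheses. Based on analysis of the clock fault attack experimental results, corresponding countermeasures against fault attacks are proposed. The proposed attack method not only enriches the functionality of the independently designed chip side-channel security evaluation platform, but also provides a good reference for the design of domestic smart IC card cryptographic chips.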

The wide application of smart card technology, which brings great convenience to people's lives, is facing the threat of side-channel attacks. This situation compels smart card manufacturers to enhance the side-channel security of smart cards. Due to the lack of support for China's standard cryptographic algorithms in the foreign side-channel analysis platforms we use, our own smart cards have many disadvantages in resisting side-channel attacks. The "13th Five-Year Plan" demands the promotion of domestic chips so that domestic chips replace imported ones. Developing a side-channel analysis platform for domestic smart cards is therefore a matter of the utmost urgency.

In this thesis, after analyzing the mechanism of smart cards and the reasons why side-channel information leaks, we design and implement a side-channel analysis platform. Our work integrates power attacks, electromagnetic attacks and fault attacks. With the support of our platform, we collected 1300 electromagnetic traces and successfully revealed the key of a contactless smart card product. Compared to the former works, the efficiency of our work has increased 90%. We also injected clock glitches and voltage glitches into a contact smart card product by controlling an intermediate platform.

To test the ability of SM4 chips to resist fault attacks, we propose a new method called the setup-time violation and zero clock glitch attack, which targets implementations with no mask, an additive mask and a multiplicative mask. The results indicate that revealing the 32-bit key of the first round of SM4 needs only 256×4 clock fault injections and 256×4 plaintexts. Compared with other fault attack methods, our method can reveal the round key without the specific ciphertext and without extra key computation. By analyzing the results of our clock glitch attack experiment, we propose some countermeasures against fault attacks, which provide a good reference for the design of domestic smart cards. Meanwhile, the clock glitch attack we propose also enriches the functionality of our own side-channel analysis platform.