In the financial sector, chip cards (known as financial or bank IC cards) are gradually replacing traditional magnetic stripe cards because of their higher security and larger storage. Since transactions on bank IC cards directly concern people's property, it is vitally important to study their security and to design cards that meet a defined security standard. To a large degree, the security of a bank IC card is determined by the cryptographic algorithms inside it. The Chinese SM3 hash algorithm was published by the State Cryptography Administration of China in 2010 and will be widely used in future bank IC cards. The message authentication code (MAC) constructed from SM3 is called SM3-MAC, and its security rests on the security of SM3. Traditional cryptanalysis has shown SM3 to be sufficiently secure in theory. However, cryptographic algorithms always run on cryptographic devices such as microprocessors or IC cards, and the side-channel information of these devices, such as power consumption and electromagnetic radiation, leaks information about the algorithm's secret intermediate values. Side-channel analysis (SCA) has therefore become a shortcut for attacking cryptographic algorithms.

This thesis first studies the side-channel security of the SM3-MAC algorithm. The work covers three aspects.

First, we built a side-channel attack hardware platform for SM3-MAC on the SAKURA-G side-channel analysis FPGA board. The FPGA circuits we designed include the SM3-MAC IP core and a communication interface module.

Second, using this platform, we analyzed the power leakage of the secret intermediate values of SM3-MAC and found apparent register Hamming distance leakage, while neither register Hamming weight leakage nor leakage from combinational logic nodes was obvious. Based on the register Hamming distance power model, we designed a "Two-level Chosen Plaintext Correlation Power Attack Strategy" for SM3-MAC and carried out a real attack on SM3-MAC on the platform. In total, we recovered 8 32-bit secret intermediate values, performed 39 correlation power attack experiments and collected approximately 400,000 power traces. After the overall attack procedure, the key search space is reduced from 2^256 to only 4.

Third, we designed a masking scheme for SM3-MAC and verified its side-channel security with 200,000 power traces. The masked SM3-MAC resists first-order differential (or correlation) power attacks.

The other part of this thesis studies hardware trojan detection. As chip manufacturing relies more and more on foundries, attackers have more opportunities to tamper with the circuits in a chip; such modifications are collectively called hardware trojans. Hardware trojans pose a great threat to the security of integrated circuits. In this thesis, we study a hardware trojan detection scheme based on a ring oscillator network (RON) and implement it on an FPGA. We use the FPGA incremental compilation technique to control both the physical location at which a hardware trojan is inserted on the FPGA and the placement of the ring oscillators of the RON. We also designed a hardware trojan detection algorithm that finds anomalies in the RON oscillation frequency data of a chip containing a hardware trojan, and thereby detects and locates the trojan. Detection experiments on four typical kinds of hardware trojans show that the sensitivity of the scheme is rather high: it can find where a hardware trojan is hidden from the dynamic power consumption of the trojan circuit and even from its very small static (leakage) power consumption.
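The RON detection idea described in the abstract can be illustrated with the following added example, which is not the thesis's own detection algorithm: each ring oscillator's frequency on a suspect chip is compared against trojan-free reference chips, and the most anomalous oscillator gives the likely trojan location. The 4x4 grid, the frequency and noise values, the supply-droop model and the z-score threshold are all assumptions, and the measurement data is constructed.

```python
import random
import statistics

GRID = 4  # assumed 4x4 RON; the abstract does not state the network size

def simulate_chip(rng, trojan_at=None, droop=0.01):
    """Constructed data: frequency (MHz) of each ring oscillator on one chip."""
    chip_scale = rng.gauss(1.0, 0.02)  # inter-chip process variation
    freqs = {}
    for r in range(GRID):
        for c in range(GRID):
            f = 200.0 * chip_scale * (1 + 0.01 * (r - c) / GRID)  # layout-dependent offset
            f *= 1 + rng.gauss(0, 0.0005)  # local variation and measurement noise
            if trojan_at is not None:
                dist = abs(r - trojan_at[0]) + abs(c - trojan_at[1])
                f *= 1 - droop / (1 + dist) ** 2  # assumed model: extra current draw slows nearby ROs
            freqs[(r, c)] = f
    return freqs

def normalise(freqs):
    """Divide by the chip median so chip-wide speed differences cancel out."""
    med = statistics.median(freqs.values())
    return {pos: f / med for pos, f in freqs.items()}

def detect(golden_chips, suspect, z_limit=6.0):
    """Return (flagged RO positions, most anomalous first; z-score per RO)."""
    gold = [normalise(g) for g in golden_chips]
    sus = normalise(suspect)
    z = {}
    for pos, value in sus.items():
        ref = [g[pos] for g in gold]  # same RO position across the reference chips
        z[pos] = (value - statistics.mean(ref)) / statistics.stdev(ref)
    flagged = sorted((p for p in z if z[p] < -z_limit), key=z.get)
    return flagged, z

if __name__ == "__main__":
    rng = random.Random(1)
    golden = [simulate_chip(rng) for _ in range(20)]
    flagged, z = detect(golden, simulate_chip(rng, trojan_at=(2, 1)))
    print("flagged ROs:", flagged)
    for r in range(GRID):  # z-score map laid out like the RON on the fabric
        print(" ".join(f"{z[(r, c)]:7.1f}" for c in range(GRID)))
```

Normalising by the chip median matters because inter-chip process variation is far larger than the local frequency shift a small trojan causes.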