Unfortunately, it seems to show that open source code will be inherently less secure as reference code can be run, and the power usage compared.
Roger, I think you are being too pessimistic! That argument smacks too much of Security Through Obscurity
to me. I believe some of the most secure implementations are indeed open sourced.
The above link is a Simple Power Analysis and for that the source code is likely to be a help. More sophisticated attacks like Differential Power Analysis perform statistical analysis and hypothesis testing to determine the cryptographic keys.
In one case of our testing, we were able to determine a DES key because some of the S-Box tables spanned the page boundary of flash memory. This resulted in a power consumption difference that was enough to break the implementation!
The bottom line is to leave secure crypto implementations to the experts! Of course, even a weak implementation is better than nothing -- but don't be over confident of your security.
If your are interested in this sort of thing, I recommend looking at the Chip Whisperer
project by Colin O'Flynn
Finally, for weaknesses in the STM32F0 it is worth reading Shedding too much Light on a Microcontroller’s Firmware Protection
They basically use a race condition on the STM32F0 to readout the firmware. Due to hardware differences I don't believe this works on the STM32F103 chips.