The Montgomery Powering Ladder performs an exponentiation with the operations square and multiply (called double and add in the case of elliptic curves). To my knowledge the order and kind of operations involved are independent of the exponent, which prevents side-channel attacks if the exponent is a secret key.
But of course the computation does depend on the exponent: Each bit of the exponent decides where intermediate results are stored. More concretely, the exponent is processed bit by bit and in each step, two intermediate values, say R and S, are updated. If the exponent bit is zero then one of the values, say R, is overwritten with the product of R and S and S is squared. If * denotes the underlying group operation then this can be written as
R <- R*S
S <- S*S
If the exponent bit is one then it is the other way round:
S <- R*S
R <- R*R
So if one could determine which value is squared then this would reveal the respective exponent bit. I guess that this is not possible in practice since otherwise there would have been exploits.
Could someone explain to me why this is difficult in practice? I am an absolute beginner in embedded devices, microcontrollers, etc. I am particularly interested in the case where the Montgomery powering is done on an embedded device (not a particular one).
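The ladder as written in the question, next to a common variant that uses a masked conditional swap so that the same variables are read and written in every step. This is an added example, not part of the original post; the group (multiplication modulo m), the 32-bit sizes and the function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Group operation assumed for this example: multiplication mod m (m < 2^32). */
static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t m) {
    /* '%' is used for brevity; its timing is hardware-dependent. */
    return (uint32_t)(((uint64_t)a * b) % m);
}

/* Ladder as in the question: the exponent bit picks which variable is squared. */
uint32_t ladder_branch(uint32_t g, uint32_t e, uint32_t m) {
    uint32_t S = 1 % m, R = g % m;          /* invariant: R == S*g (mod m) */
    for (int i = 31; i >= 0; i--) {         /* fixed 32 steps, MSB first */
        if (((e >> i) & 1) == 0) { R = mulmod(R, S, m); S = mulmod(S, S, m); }
        else                     { S = mulmod(R, S, m); R = mulmod(R, R, m); }
    }
    return S;
}

/* Swap *a and *b iff bit == 1; no branch and no bit-dependent address
 * in the source (the compiler output still has to be checked). */
static void cswap(uint32_t *a, uint32_t *b, uint32_t bit) {
    uint32_t mask = (uint32_t)0 - bit;      /* 0x00000000 or 0xFFFFFFFF */
    uint32_t t = mask & (*a ^ *b);
    *a ^= t;
    *b ^= t;
}

/* Same ladder, but every step executes R <- R*S; S <- S*S on the same
 * two variables. The bit only enters through the masked swaps. */
uint32_t ladder_cswap(uint32_t g, uint32_t e, uint32_t m) {
    uint32_t S = 1 % m, R = g % m;
    for (int i = 31; i >= 0; i--) {
        uint32_t bit = (e >> i) & 1;
        cswap(&R, &S, bit);                 /* bit == 1: roles exchanged */
        R = mulmod(R, S, m);
        S = mulmod(S, S, m);
        cswap(&R, &S, bit);                 /* restore the roles */
    }
    return S;
}

int main(void) {
    /* Constructed sample values: 3^13 mod 1000003 with both variants. */
    printf("%u %u\n", (unsigned)ladder_branch(3, 13, 1000003),
                      (unsigned)ladder_cswap(3, 13, 1000003));
    return 0;
}
```

In the second variant the bit no longer selects a branch or a store address, but it is still present in the swap mask, so the swap itself is the part to examine when assessing leakage on a given device.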