The invention discloses a software mask defense scheme capable of preventing attack on advanced encryption standard (AES) algorithm based on power analysis. The software mask defense scheme comprises steps of introducing a mask matrix M, and arranging three random mask defense points in each round of encryption operation; protecting the three mask defense points through a group of mask sequences generating M during each encryption; arranging a counter C in a crypto chip, superposing original values for each encryption, and finishing construction of the matrix M when the superposed value reaches the threshold value T1; when the superposed value reaches the threshold value T2, rearranging the counter C, updating the matrix M, and repeating the step over and over again. The three random mask defense points can perform mask defense on an important intermediate value calculated at least when few of subkeys are exhausted, therefore, high-order difference power attack can be effectively defended, and security of AES secret keys are protected. Furthermore, the mask matrix is updated through a queue mode, therefore, replacement frequency of random masks is reduced, and defense cost is reduced.