I'm not an expert but why would a sufficiently sophisticated attacker not be able to extract the key from SME/TME type hardware protections? I'm thinking about government type attackers who can do extremely sophisticated things to hardware in a lab, not hobby type people.
[dead]
You've got to actually get the hardware to a lab.
And then put it through some type of process without losing state: the question is very much, how? There aren't a lot of options here.
More over you're doing the classic thing of basically worrying about the super-soohosticated scifi attack: but the government doesn't have better technology then universities can produce, they just have good coordination: and a much better use of that is just to socially engineer the password out of the target.