Istr reading about ram-sniffing to extract decrypted auth tokens a while back. Iirc, ram can still be read with a fairly high amount of certainty after a number of minutes of poweroff.
Here you go : http://tdistler.com/2008/02/21.....-power-off
Yes to do this properly you would either have to go with physical destruction or leverage overwrite techniques which can be time consuming "This device will self destruct in 20 minutes and counting ...."
Adding a secure element to hold the keys and running everything encrypted with some obfuscation, plus RAM re-writing could probably get you a long way, but at the end of the day anything that has an IP connection could have a vulnerability which enables exploitation so that is your real weak spot.
If the processor supported TrustZone then I would leverage the TEE for my algorithms, but I think I have seen somewhere that they do not and if they did I am not sure how the foundation would be able to work with a fee based TSM such as Gemalto or G&D.