It is true that normally a key can only be retrieved by the user that
See e.g.: http://nelenkov.blogspot.se/2011/11/using-ics-keychain-api.html
If a device is rooted, the keys still cannot be retrieved unless the
attacker also has the password.
If the attacker has rooted the device and has the password or the device
is unlocked, it's game over.