Secure chips that store private keys generally keep them on a part of the silicon die that can't be analyzed like the rest of the chip. Any attempt to open the chip package (take off the black plastic/epoxy covering the die) results in the destruction of the secure region and methods of reading state in semiconductors (using electron microscopy) require you to somehow expose the silicon holding the private key.
Apparently this iPhone 5C pre-dates the "Secure Enclave." So the key is somewhere else. Possibly a place vulnerable to a physical readout, possibly not.
Interesting, how does that work exactly? I would've thought with an accurate map of the chip package and a precise grinder you could shave off just what you wanted to expose.
I mean it might take a lot of practice but if you have the time and money and chip samples to practice on...