You got the "magical black box" part right, but you got the rest wrong.
All you have to do is use a passphrase (not a PIN) long enough to not be bruteforceable. Building a 100% secure device that limits the number of attempts at guessing an insecure PIN is impossible. Building a 100% secure device that protects your data using a secure passphrase is trivial: just use good encryption at rest.
Putting data in the cloud, at best, does nothing for you security-wise, and at worst, makes it that much easier to get to. It doesn't matter whether your data is in the cloud or on your phone. What matters is that it is encrypted with strong crypto, and that only you know the key. Then, as long as the crypto isn't broken, your data is safe. No (practical) crypto is "guaranteed" to never be circumvented, but modern crypto algorithms properly implemented are getting pretty close to there being a good chance nobody will ever be able to break them in a practical manner. Only time will tell.
If you want a phone secure against data extraction after being seized, you have two decent options: get an iPhone, or get an Android Nexus phone (anything else is probably not trustworthy, if only because most other manufacturers suck at security). The Nexus line has better data security at rest (it uses full disk encryption), while the iPhone line only encrypts most, but not all, data, and no metadata. In both cases, if you make sure the phone is powered down before it falls into the hands of an attacker, there is just about nothing they can do to get at your data.
Incidentally, we're talking about symmetric crypto here, not asymmetric crypto - quantum computing can implement a practical attack against current common asymmetric crypto algorithms, but not against symmetric crypto.