Ok. I'll go out on a limb here, what is the risk of a compromised tacacs server key? It doesn't seem like all that much. You can use it to try and authenticate a user against the server directly?
Is there a reason that the key is encrypted using Cisco's Type 7 encryption which is easily reversed versus something like MD5 or SHA1 when stored in the router configuration?