All of the current working Seca/Mediaguard hacks are designed such that the keys are in the EEPROMs, with the program (decryption algorithms, any remote-update functionality, etc.) in the PICs. This means that if you only want to update the keys (as opposed to enabling new functionality such as greater resilience against ECMs) then yes, you only need to update the EEPROM file.
Be aware though that you can't in general mix-and-match the EEPROM & PIC files. Any given hack assumes a particular template for its associated key-file. So if you only update the key file, make sure you are replacing it by one from the same "type" (Secanix, Satturk, etc.)
What's more, the only way to access the embedded EEPROM of a plastic wafer-card is using the "through-PIC" method - which requires the PIC first to be reprogrammed with a loader. In that case you can't escape having to reprogram the PIC anyway.
PS: there is no fundamental reason why keys MUST be in the EEPROM. It is just a neater design. Some of the early Viaccess hacks had keys in the PIC.
2old