Abstract: Long Term Evolution (LTE) is the next-generation mobile communication system beyond 3G, and its security is paramount to the successful deployment of such networks. In this paper, we address cryptographic key management during local cell handovers in LTE, known as X2 handovers, which currently achieves only two-hop forward security. We propose an enhanced key refresh scheme that provides the desired one-hop forward security. Our proposal not only makes up for the deficiency in the standardized LTE technical specification, but also retains all existing key materials and parameters without incurring extra communication costs. It is therefore technically feasible to upgrade the standardized key refresh smoothly to the enhanced proposal.