LTE Security Principles
Source: Lte World
The figure above depicts simplified key derivation.
The MME invokes the AKA procedures by requesting authentication vectors to the HE (Home environment) if no unused EPS authentication vectors have been stored.
The HE sends an authentication response back to the MME that contains a fresh authentication vector, including a base-key named KASME. Thus, as a result of an AKA run, the EPC and the UE share KASME.
From KASME, the NAS keys, (and indirectly) KeNB keys and NH are derived. The KASME is never transported to an entity outside of the EPC, but KeNB and NH are transported to the eNB from the EPC when the UE transitions to ECM-CONNECTED.
From the KeNB, the eNB and UE can derive the UP and RRC keys.