diff --git a/internal/handshake/crypto_setup.go b/internal/handshake/crypto_setup.go
index 0f5729c26..ca907d7be 100644
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@@ -192,7 +192,7 @@ func newCryptoSetup(
 		initialOpener:          initialOpener,
 		handshakeStream:        handshakeStream,
 		oneRTTStream:           oneRTTStream,
-		aead:                   newUpdatableAEAD(),
+		aead:                   newUpdatableAEAD(logger),
 		readEncLevel:           protocol.EncryptionInitial,
 		writeEncLevel:          protocol.EncryptionInitial,
 		runner:                 runner,
diff --git a/internal/handshake/updatable_aead.go b/internal/handshake/updatable_aead.go
index ee36c0d59..ce4b958fe 100644
--- a/internal/handshake/updatable_aead.go
+++ b/internal/handshake/updatable_aead.go
@@ -6,6 +6,7 @@ import (
 	"encoding/binary"
 
 	"github.com/lucas-clemente/quic-go/internal/qerr"
+	"github.com/lucas-clemente/quic-go/internal/utils"
 
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 	"github.com/marten-seemann/qtls"
@@ -31,6 +32,8 @@ type updatableAEAD struct {
 	hpDecrypter cipher.Block
 	hpEncrypter cipher.Block
 
+	logger utils.Logger
+
 	// use a single slice to avoid allocations
 	nonceBuf []byte
 	hpMask   []byte
@@ -39,17 +42,19 @@ type updatableAEAD struct {
 var _ ShortHeaderOpener = &updatableAEAD{}
 var _ ShortHeaderSealer = &updatableAEAD{}
 
-func newUpdatableAEAD() *updatableAEAD {
+func newUpdatableAEAD(logger utils.Logger) *updatableAEAD {
 	return &updatableAEAD{
 		firstRcvdWithCurrentKey: protocol.InvalidPacketNumber,
 		firstSentWithCurrentKey: protocol.InvalidPacketNumber,
+		logger:                  logger,
 	}
 }
 
 func (a *updatableAEAD) rollKeys() {
+	a.keyPhase = a.keyPhase.Next()
+	a.logger.Debugf("Updating keys to the next key phase: %s", a.keyPhase)
 	a.firstRcvdWithCurrentKey = protocol.InvalidPacketNumber
 	a.firstSentWithCurrentKey = protocol.InvalidPacketNumber
-	a.keyPhase = a.keyPhase.Next()
 	a.prevRcvAEAD = a.rcvAEAD
 	a.rcvAEAD = a.nextRcvAEAD
 	a.sendAEAD = a.nextSendAEAD
diff --git a/internal/handshake/updatable_aead_test.go b/internal/handshake/updatable_aead_test.go
index 36ce8fc45..b29b3d835 100644
--- a/internal/handshake/updatable_aead_test.go
+++ b/internal/handshake/updatable_aead_test.go
@@ -7,6 +7,7 @@ import (
 	"crypto/rand"
 
 	"github.com/lucas-clemente/quic-go/internal/protocol"
+	"github.com/lucas-clemente/quic-go/internal/utils"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 )
@@ -33,8 +34,8 @@ var _ = Describe("Updatable AEAD", func() {
 		rand.Read(trafficSecret1)
 		rand.Read(trafficSecret2)
 
-		client = newUpdatableAEAD()
-		server = newUpdatableAEAD()
+		client = newUpdatableAEAD(utils.DefaultLogger)
+		server = newUpdatableAEAD(utils.DefaultLogger)
 		client.SetReadKey(&mockCipherSuite{}, trafficSecret2)
 		client.SetWriteKey(&mockCipherSuite{}, trafficSecret1)
 		server.SetReadKey(&mockCipherSuite{}, trafficSecret1)