If you are sure that the keys are configured correctly then this may be a clock skew problem. Check that the the clocks on the client and server are properly synchronized (e.g., using NTP).
Check your logs for errors. If you are running a recent version of BIND, you may see error messages similar to these (reported by the secondary zone server) below:
25-Jan-2013 13:09:08.048 zone 7.168.192.in-addr.arpa/IN/trusted:
refresh: failure trying master 192.168.7.27#53 (source 0.0.0.0#0):
clocks are unsynchronized
25-Jan-2013 13:09:23.053 zone myzone.example/IN/trusted: refresh:
failure trying master 192.168.7.27#53 (source 0.0.0.0#0): clocks are
unsynchronized