Random source is important for the security of key distribution. In this paper, a novel secure key distribution scheme based on unidirectional injection of vertical cavity surface emitting laser (VCSEL) system is proposed. In the proposed scheme, a chaotic signal without time delay signature is generated by a VCSEL subject to unidirectional optical injection, which is regarded as a master laser. The chaotic signal generated by the master VCSEL is further injected into two slave VCSELs to obtain synchronized bandwidth-enhanced chaotic signals. After that, by sampling, quantizing and XOR operation on the two synchronized chaotic signals, two key streams can be obtained. Based on the well-known spin-flip model, the time delay signature of chaotic signals generated by master VCSEL and the synchronization performance between the master VCSELs and two slave VCSELs are numerically investigated in detail. It is shown that by the unidirectional injection, the chaotic outputs can be achieved in the master VCSEL in a wide range of frequency detuning and coupling strength. More importantly, no time delay signature can be observed in the auto correlation function of the chaotic intensity time series generated by the master VCSEL. Besides, we find that high quality synchronization is achieved between the bandwidth-enhanced chaotic signals generated by two slave VCSELs under the common driving of master VCSEL. The synchronization coefficient between two slave VCSELs increases up to 0.99, and the synchronization coefficient between master VCSEL and salve VCSEL is only 0.74. Note that such a high quality synchronization between two slave VCSELs while relatively low quality synchronization between the master and slave VCSEL is conducible to ensuring the security of key distribution. In addition, the effects of tunable parameters on key bit error rate are considered, and two quantization methods are employed for comparison. Numerical simulation results show that the key bit error rate between two legitimate users is as low as 1%, and the key bit error rate between legitimate user and eavesdropper is higher than 10% in the single-threshold case; the bit error rate can even be as low as 10-6 in the double-threshold case. The influence of parameter mismatch on key bit error rate is also discussed, and it is suggested that two salve VCSELs should be finely matched to ensure low bit error rate. Finally, NIST randomness test is performed for the generated key streams. Hence, the proposed scheme enhances the security of key distribution, which is valuable for further developing the chaos communication systems.