Doubt in EID computation process

[ghost]

It may be an easy doubt.
Doubt is in the file of EID-computation in Eddystone-EID

1. in point "4 - Secure key exchange EID configuration", What does key pair means? Public and Private key of beacon? Where do they come/generated from? These keys are also used in "Computing the identity key".

2)In "Registering an EID beacon with the resolver", It is said, 'The resolver then follows the same procedure to compute the identity key from its own private key and the beacon's public key.' The public, private key of beacon and resolver is changed compare to client's computing.

Can you please clarify all this thing?

[adriancretu]

Assuming you've got yourself familiar with basic PKI, the answers are simple:

1. You (pre)generate a keypair on the beacon itself. The private key remains secret. The beacon receives a public key from the outside, and the identity key is computed based on the shared secret obtained via beaconPrivKey+outsidePublicKey
2. The resolver has its own keypair, it publishes just the public key of it. Computation of beacon identity key on the resolver is done in complementary mode (resolverPrivKey+beaconPublicKey). PKI properties assure the shared secret ends up identical, etc. Safe communication over an unsafe channel is assured.