Or, you put a USB port on the keyboard and design it so that, when the receiver dongle is plugged into the keyboard, the two exchange keys. Allow only one receiver pairing per device and only one device pairing per receiver, per type of device.
Even better, disable the radio when the receiver dongle is plugged into the keyboard for pairing, no data is transmitted wirelessly, require a password for the key exchange, require that the password be changed with every exchange, generate the key from a passphrase typed by the user, salted with the password (such that the same passphrase will generate a different key if reused), and optionally allow the key itself to be encrypted with a passphrase in the keyboard's storage.
The key exchange process would go something like this:
1) Plug dongle into keyboard; "Ready" light illuminates
2) Type current password and press ENTER; password is encrypted with current private key and sent to dongle, dongle decrypts password and replies with the password plaintext re-encrypted with public key, keyboard decrypts reply with private key and compares result with known plaintext (just typed); on success (e.g. plaintexts match), "Password" light illuminates
3) Type new password and press ENTER; password is stored temporarily in keyboard's RAM; on success "Exchange" light illuminates
4) Type passphrase to be used for new key (suggest random keystrokes) and press ENTER; all lights illuminate, "Exchange" light blinks
5) Keyboard begins generating an RSA keypair; and sends the public key, encrypted with the current private key, to the dongle, which then decrypts the key and replies with the plaintext key; on success, all lights illuminate, "Ready" light blinks
6) Keyboard encrypts the new public key with the new private key and sends to dongle, dongle decrypts using the new public key and compares the result; on success (e.g. both keys match) it discards the old key and records the new key before encrypting the plaintext password from step 2 and sending the result to the keyboard for verification; dongle then discards plaintext password
7) Keyboard decrypts password and compares with original plaintext; on success (e.g. passwords match), keyboard discards old key and password, encrypts new password with private key, then stores the result, all lights illuminate, "Password" light blinks
8) Type key passphrase and press ENTER, or simply press ENTER; if passphrase is entered, generate a hash of the passphrase, having the same length as the private key, and XOR the key against the result; if no passphrase is entered, key remains plaintext; on success, keyboard records the resulting key, all lights blink
9) Remove dongle from keyboard
10) Insert dongle into computer
If a the private key is encrypted with a passphrase, require the passphrase every time the keyboard is powered on; generate a key-length hash (which will be identical to the hash used in step 8 if the passphrase is correct) and XOR the stored key against that hash; this is the key the keyboard encrypts its transmissions with.
This whole post is long enough without going into detail about why certain steps are necessary; perhaps I'll do a full writeup sometime. If I do, I'll reply to this post with a link. Of course, this solution is also imperfect, as an attacker could disassemble the dongle and read the public key directly from the dongle's flash; it would have to be designed in such a way that the dongle could not be opened to that degree without damaging the flash beyond readability. Layering several different kinds of epoxy over it should do the trick in most circumstances.