US Patent 9485229 Object level encryption system including encryption key management system

A symmetric PGP encrypted communications path is provided in which the recipient may be identified with only publicly available information. Data to be encrypted is encrypted at the object level. Encryption keys for both the transmitter and receiver are sent to a security server. Data received from the transmitter includes intended receiver ID. The receiver includes its actual ID. The received ID and the actual ID are sent to the security server for authentication. If authentication succeeds, the security server sends a session key to the receiver, and the receiver can use its own key to decrypt data. The system reacts to authentication failure by disabling decryption in the receiver and may also take countermeasures.