Commit-Then-Disclose: Cryptographic SBOM Auditing Without IP Leakage - Sharvil Bhatt & Swastik Gour
Sbom Software bill of materials Commit Then Disclose Cryptographic auditing Software supply chain security Cloud native security Ip protection Zero Knowledge proofs Container security Supply chain integrity
This talk presents Commit-Then-Disclose, a cryptographic protocol that enables auditing of Software Bill of Materials (SBOM) without exposing proprietary intellectual property. The approach allows security teams to verify software components and vulnerabilities while maintaining confidentiality of sensitive implementation details. Ideal for security engineers, DevSecOps practitioners, and cloud native platform teams concerned with software supply chain integrity.