English

Full-Stack Knowledge Graph and LLM Framework for Post-Quantum Cyber Readiness

Cryptography and Security 2026-01-08 v1

Abstract

The emergence of large-scale quantum computing threatens widely deployed public-key cryptographic systems, creating an urgent need for enterprise-level methods to assess post-quantum (PQ) readiness. While PQ standards are under development, organizations lack scalable and quantitative frameworks for measuring cryptographic exposure and prioritizing migration across complex infrastructures. This paper presents a knowledge graph based framework that models enterprise cryptographic assets, dependencies, and vulnerabilities to compute a unified PQ readiness score. Infrastructure components, cryptographic primitives, certificates, and services are represented as a heterogeneous graph, enabling explicit modeling of dependency-driven risk propagation. PQ exposure is quantified using graph-theoretic risk functionals and attributed across cryptographic domains via Shapley value decomposition. To support scalability and data quality, the framework integrates large language models with human-in-the-loop validation for asset classification and risk attribution. The resulting approach produces explainable, normalized readiness metrics that support continuous monitoring, comparative analysis, and remediation prioritization.

Keywords

Cite

@article{arxiv.2601.03504,
  title  = {Full-Stack Knowledge Graph and LLM Framework for Post-Quantum Cyber Readiness},
  author = {Rasmus Erlemann and Charles Colyer Morris and Sanjyot Sathe},
  journal= {arXiv preprint arXiv:2601.03504},
  year   = {2026}
}

Comments

21 pages, 2 figures

R2 v1 2026-07-01T08:53:35.036Z