Main source code repository of the Tamarin prover for security protocol verification.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
case-studies-regression Modified Makefile to check Linux/Mac and print appropriate info. Reor… Sep 3, 2018
case-studies-sapic-regression updated sapic case studies Feb 8, 2017
data Added LICENSE file to data folder so that it is part of the distribut… Aug 9, 2018
doc Old release tasks file completely merged into now. Jun 4, 2018
etc Emacs syntax highlighting (#273) Jun 7, 2018
examples Added files of all models for 5G as published at CCS'18. Aug 10, 2018
images Slightly brighten detailed pixel art version. Aug 7, 2017
lib more unused imports Sep 4, 2018
misc Pydot compatability fix for both old and new API. Sep 2, 2016
plugins/sapic Merge pull request #280 from iesiyok/feature_lock_rest_wo_acc Aug 21, 2018
src unused imports Sep 4, 2018
.gitignore DNP3 examples: fix makefile for symmetric only esorics spthy files Jun 19, 2018
.hgignore rename tool directory to 'tamarin-prover' Jan 20, 2012
.travis.yml Fix up Travis compilation (#272) Jun 6, 2018
AUTHORS added authors Aug 26, 2015
CHANGES Edited CHANGES list, also points out Alethea case study now May 7, 2018 Clarified a number of pre-release tasks. Jun 4, 2018
LICENSE preparing for release Feb 9, 2012
Makefile Modified Makefile to check Linux/Mac and print appropriate info. Reor… Sep 3, 2018 Textual nits Jun 4, 2018
Setup.hs Fix a typo in Setup.hs Aug 7, 2017 new ghci Jul 24, 2017
stack.yaml [WIP] GHC 8.4 support (#266) Sep 3, 2018
tamarin-prover.cabal Develop version is 1.5.0 May 7, 2018 Added script to replace Tamarin version number in all cabal files and… Feb 27, 2018

The Tamarin prover repository

master branch build-status

This README describes the organization of the repository of the Tamarin prover for security protocol verification. Its intended audience are interested users and future developers of the Tamarin prover. For installation and usage instructions of the Tamarin prover see chapter 2 of the manual:

Developing and contributing

See contributing instructions for instructions on how to develop, test and release changes to the Tamarin prover source code.

Version Numbering Policy

We use version numbers with four components.

  • The first component is the major version number. It indicates complete rewrites of the codebase.
  • The second component is the minor version number. We use odd minor version numbers to denote development releases intended for early adopters. We use even minor version numbers to denote public releases, which are also published.
  • The third component indicates bugfix releases.
  • The fourth component indicates documentation and meta-data changes.

We ensure that the external interface of a version of the Tamarin prover is backwards compatible with the external interface of all versions that agree on the major and minor version number.

We announce all releases of the Tamarin prover on:


The manual is available as PDF or HTML at

Experimental improved graph output

You can use our experimental improved graph output which may be helpful for very large graphs that can be created for complicated protocols. To enable this feature read the instructions about improved graphs.

Spthy code editors

The project contains support for spthy syntax highlighting and support in the etc directory. This includes support for Sublime Text, VIM and Notepad++.

Example Protocol Models

All example protocol models are found in the directory


All models that we consider stable are part of every installation of the Tamarin prover. See tamarin-prover.cabal for the list of installed protocols. We use the following sub-directories to organize the models.

csf12/         the AKE case studies from our CSF'12 paper.
classic/       classic security protocols like the ones from
loops/         experiments for testing loop-invariants and protocols with
               non-monotonic state
related_work/  examples from related work on protocols with loops or
               non-monotonic state
experiments/   all other experiments
ake/           more AKE examples including ID-based and tripartite group KE
               protocols based on bilinear pairing
features/      (small) models that demonstrate a given feature
ccs15/	       the observational equivalence case studies from our CCS'15 paper

Feel free to add more sub-directories and describe them here.

In general, we try use descriptive names for files containing the models. We also document all our findings as comments in the protocol model. Moreover, we use the following header in all files to make their context more explicit.

   Protocol:    Example
   Modeler:     Simon Meier, Benedikt Schmidt
   Date:        January 2012

   Status:      working

   Description of protocol.