Main repository of the Tamarin prover for security protocol verification.
Haskell Python OCaml JavaScript Makefile CSS Other
Latest commit b73ce87 Feb 24, 2017 @jdreier jdreier committed on GitHub Merge pull request #200 from rsasse/develop
Heuristic ranking parameter passed through correctly now
Failed to load latest commit information.
case-studies-regression case study order changed again, same number of proof steps, so that i… Feb 22, 2017
case-studies-sapic-regression updated sapic case studies Feb 8, 2017
data Merge fix: GUI shows different options now Aug 31, 2015
doc cleaned up doc Jan 24, 2017
etc Add "multiset" to keywords for syntax highlighting Feb 8, 2017
examples updated sapic case studies Feb 8, 2017
images Added third screenshot and thumbnail. Also added production notes. Jul 19, 2012
lib Remove unnecessary dependency addition Feb 21, 2017
misc Pydot compatability fix for both old and new API. Sep 2, 2016
plugins/sapic update sapic parsers to relfect new notation, axiom and typing cause … Feb 8, 2017
src The oracle ranking is now passed through in diff mode and can be used… Feb 23, 2017
.gitignore updated sapic case studies Feb 8, 2017
.hgignore rename tool directory to 'tamarin-prover' Jan 20, 2012 opam config Jan 20, 2017
.travis.yml typo in version number Jan 19, 2017
AUTHORS added authors Aug 26, 2015
CHANGES Update version numbers to 1.2.0 in preparation for release to master. Feb 20, 2017 Fixed links to the manual, removed old parts of the manual, removed i… Jan 24, 2017
LICENSE preparing for release Feb 9, 2012
Makefile Version bump to 1.3.0 for develop. Feb 20, 2017 Fixed links to the manual, removed old parts of the manual, removed i… Jan 24, 2017
Setup.hs notes on better --version flag Feb 23, 2012 rename tool directory to 'tamarin-prover' Jan 20, 2012
stack.yaml Partial fix for derive changes Feb 21, 2017
tamarin-prover.cabal Final fix for removing derive dependency Feb 21, 2017

The Tamarin prover repository

master branch build-status

This README describes the organization of the repository of the Tamarin prover for security protocol verification. Its intended audience are interested users and future developers of the Tamarin prover. For installation and usage instructions of the Tamarin prover see chapter 2 of the manual:

Developing and contributing

See contributing instructions.

Version Numbering Policy

We use version numbers with four components.

  • The first component is the major version number. It indicates complete rewrites of the codebase.
  • The second component is the minor version number. We use odd minor version numbers to denote development releases intended for early adopters. We use even minor version numbers to denote public releases, which are also published.
  • The third component indicates bugfix releases.
  • The fourth component indicates documentation and meta-data changes.

We ensure that the external interface of a version of the Tamarin prover is backwards compatible with the external interface of all versions that agree on the major and minor version number.

We announce all releases of the Tamarin prover on:


The manual is available as PDF or HTML at

Experimental improved graph output

You can use our experimental improved graph output which may be helpful for very large graphs that can be created for complicated protocols. To enable this feature read the instructions about improved graphs.

Example Protocol Models

All example protocol models are found in the directory


All models that we consider stable are part of every installation of the Tamarin prover. See tamarin-prover.cabal for the list of installed protocols. We use the following sub-directories to organize the models.

csf12/         the AKE case studies from our CSF'12 paper.
classic/       classic security protocols like the ones from
loops/         experiments for testing loop-invariants and protocols with
               non-monotonic state
related_work/  examples from related work on protocols with loops or
               non-monotonic state
experiments/   all other experiments
ake/           more AKE examples including ID-based and tripartite group KE
               protocols based on bilinear pairing
features/      (small) models that demonstrate a given feature
ccs15/         the observational equivalence case studies from our CCS'15 paper

Feel free to add more sub-directories and describe them here.

In general, we try use descriptive names for files containing the models. We also document all our findings as comments in the protocol model. Moreover, we use the following header in all files to make their context more explicit.

   Protocol:    Example
   Modeler:     Simon Meier, Benedikt Schmidt
   Date:        January 2012

   Status:      working

   Description of protocol.