Cas Cremers


Version Linux Windows Mac OS X Comments
v1.1.3 Download Download Download This is the standard version.
Compromise-0.9.2 Download Download Download Choose this if you need support for various adversary models.


Scyther uses some other components, specified below.

Note for Ubuntu users: If you are using a recent version of Ubuntu, you can simply enter 'sudo apt-get install graphviz python python-wxgtk3.0' on the command line and continue at 'Running Scyther' below.

  1. The GraphViz library

    This library is used by the Scyther tool to draw graphs. It can be downloaded from:

    NameWhere to download

    Download the latest stable release and install it.

  2. Python

    The graphical user interface of Scyther is written in the Python language. Note that currently, Scyther does not support Python 3 (as it is not supported by the wxPython library below).

    NameWhere to download
    Python 2.x
  3. wxPython libraries

    The graphical user interface of Scyther using the wxPython library to draw widgets.

    NameWhere to download
    wxPython (32-bit) (*1)

    *1: Note that there are several different wxPython packages. Choose a 32-bit version that matches your Python version (e.g., "32-bit Python 2.7")

Running Scyther

Start Scyther by executing the file:

Notes for Mac OS users

  1. 64-bit Python mode not supported

    It may be that Scyther fails to run and aborts with an error that ends with a line similar to the following:

    ImportError: /usr/local/lib/wxPython-unicode- no appropriate 64-bit architecture (see "man python" for running in 32-bit mode)
    Running Scyther in the following way should fix the issue:
    $ ./

  2. Font rendering problems

    On Mac OS, the graphviz package by default cannot determine the right font location if fontconfig is not installed. This causes the fonts in the graphs in Scyther to be rendered wrongly. You can fix this by adding the following setting to your environment variables: (joining the string lines)


Getting started

As a first test, open the file 'ns3.spdl' in the main Scyther directory using Scyther, and select Verify->Verify Protocol. This evaluates the claims in the protocol specification file (in this case secrecy, agreement and correspondence properties, and synchronisation for each role) and shows the results. Click on the attack buttons to get a graphical representation.

Many other protocol specification files can be found in the Protocols/ subdirectory.

Running Scyther without a GUI from the command line

If you cannot get the GUI to work, or prefer command-line tools for scripting, you can use the following instructions.

Depending on your platform, the Scyther directory contains one of the following executables:

  • Scyther/scyther-linux
  • Scyther/scyther-w32
  • Scyther/scyther-mac

To get a list of (some) of the command-line options, run the executable with the '--help' switch, e.g.:

scyther-linux --help

To analyze the Needham-Schroeder protocol and generate a .dot file (the input language for the Graphviz tool) for the attacks, use

scyther-linux --dot-output ns3.spdl

The resulting output file can then be rendered by graphviz, e.g.:

dot -Tpdf -O 

This yields several PDF files[.N].pdf that contain the attack graphs.