Cryptography and Network Security (CSE&IT)

Experiment No. 1
Aim

To study Network Security

Computer data often travels from one computer to another, leaving the safety of its
protected physical surroundings. Once the data is out of hand, people with bad
intention could modify or forge your data, either for amusement or for their own
benefit.
Cryptography can reformat and transform our data, making it safer on its trip between
computers. The technology is based on the essentials of secret codes, augmented by
modern mathematics that protects our data in powerful ways.

Computer Security - generic name for the collection of tools designed to protect
data and to thwart hackers.

Network Security - measures to protect data during their transmission.

Internet Security - measures to protect data during their transmission over a

collection of interconnected networks.

Information Security: It can be defined as measures adopted to prevent the

unauthorized use, misuse, modification or denial of use of knowledge, facts, data
or capabilities.

Three aspects of IS are:

Security Attack: Any action that comprises the security of information.
Security Mechanism: A mechanism that is designed to detect, prevent, or recover from
a security.
Security Service: It is a processing or communication service that enhances the security
of the data processing systems and information transfer. The services are intended to
counter security attacks by making use of one or more security mechanisms to provide
the service.

LAB-MANUAL

Page 1

Cryptography and Network Security (CSE&IT)

Experiment No. 2
Aim

To study Encryption and Decryption algorithm

Cryptosystem is a five tuple (P, C, K, E, D)

Plaintext Space (P): set of all possible plaintexts
Cipherext Space (C): set of all possible cipher texts
Key Space (K): set of all possible keys
E: set of all possible encryption rules and
D: set of all possible decryption rules

If P is the plaintext, C is the cipher text, and K is the key,

We assume that Bob creates P1; we prove that P1 = P:

LAB-MANUAL

Page 2

Cryptography and Network Security (CSE&IT)

Experiment No. 3
Aim

To study 2DES & Triple-DES

The first answer to problems of DES is an algorithm called Double DES which includes
double encryption with two keys. It increases the key size to 112 bits, which seems to be
secure. But, there are some problems associated with this approach. issue of education
to single stage: In other words, could there be a key K3 such that EK2 EK21(P))=
EK3(P)? meet-in-the-middle attack:
Works when given a known (P,C) pair
since X = EK1(P) = DK2(C)
attack by encrypting P with all 256 keys K1and store
then decrypt C with all possible 256 keys K2 and match X value
Test the two keys for the second pair of plaintext-cipher text and if they match,
correct keys are found

Triple DES was the answer to many of the shortcomings of DES. Since it is based on the
DES algorithm, it is very easy to modify existing software to use Triple DES. 3DES was
developed in 1999 by IBM by a team led by Walter Tuchman. 3DES prevents a meetin-the-middle attack. 3DES has a 168-bit key and enciphers blocks of 64 bits. It also has
the advantage of proven reliability and a longer key length that eliminates many of the
shortcut attacks that can be used to reduce the amount of time it takes to break DES.
3DES uses three keys and three executions of the DES algorithm. The function follows
an encrypt-decrypt-encrypt (EDE) sequence.

LAB-MANUAL

Page 3

Cryptography and Network Security (CSE&IT)

Where C= cipher text, P= plaintext and

EK[X] = encryption of X using key
K DK[Y] = decryption of Y using key K
Decryption is simply the same operation with the keys reversed

Triple DES runs three times slower than standard DES, but is much more secure if used
properly. With three distinct keys, TDEA has an effective key length of 168 bits making
it a formidable algorithm. As the underlying algorithm is DEA, it offers the same
resistance to cryptanalysis as is DEA. Triple DES can be done using 2 keys or 3 keys.

LAB-MANUAL

Page 4

Cryptography and Network Security (CSE&IT)

Experiment No. 4
Aim

To study block cipher principles

Virtually, all symmetric block encryption algorithms in current use are based on a
structure referred to as Fiestel block cipher.
For that reason, it is important to examine the design principles of the Fiestel cipher. We
begin with a comparison of stream cipher with block cipher.
A stream cipher is one that encrypts a digital data stream one bit or one byte at a
time. E.g, vigenere cipher. A block cipher is one in which a block of plaintext is
treated as a whole and used to produce a cipher text block of equal length.
Typically a block size of 64 or 128 bits is used.
most symmetric block ciphers are based on a Feistel Cipher Structure needed
since must be able to decrypt cipher text to recover messages efficiently. block
ciphers look like an extremely large substitution
would need table of 264 entries for a 64-bit block
Instead create from smaller building blocks
Using idea of a product cipher in 1949 Claude Shannon introduced idea of
substitution- permutation (S-P) networks called modern substitution-transposition
product cipher these form the basis of modern block ciphers.
S-P networks are based on the two primitive cryptographic operations we have
seen before:
1. substitution (S-box)
2. Permutation (P-box)
Provide confusion and diffusion of message
Diffusion dissipates statistical structure of plaintext over bulk of cipher text
Confusion makes relationship between cipher text and key as complex as
possible

LAB-MANUAL

Page 5

Cryptography and Network Security (CSE&IT)

Experiment No. 5
Aim

To study RSA algorithm

RSA algorithm best known and widely regarded as most practical public-key scheme
was proposed by Rivest, Shamir & Adleman in 1977. t is a public-key scheme which
may be used for encrypting messages, exchanging keys, and creating digital signatures.

LAB-MANUAL

Page 6

Cryptography and Network Security (CSE&IT)

RSA Example
1. Select primes: p=17 & q=11
2. Compute n = pq =1711=187
3. Compute (n)=(p1)(q-1)=1610=160
4. Select e : gcd(e,160)=1; choose e=7
5. Determine d: de=1 mod 160 and d < 160 Value is d=23 since 237=161= 10160+1
6. Publish public key KU={7,187}
7. Keep secret private key KR={23,17,11}
RSA Example cont
sample RSA encryption/decryption is:
Now given message M = 88 (nb. 88<187)
encryption: C = 887 mod 187 = 11
decryption: M = 1123 mod 187 = 88
Another example of RSA is given as,
Let p = 11, q = 13, e = 11, m = 7
n = pq i.e. n= 11*13 = 143
(n)= (p-1)(q-1) i.e. (11-1)(13-1) = 120
e.d=1 mod (n) i.e. 11d mod 120 = 1 i.e. (11*11) mod 120=1; so d = 11
Public key :{11,143} and private key: {11,143}
C=Me mod n, so ciphertext = 711mod143 = 727833 mod 143; i.e. C = 106
M=Cd mod n, plaintext = 10611 mod 143 = 1008 mod 143; i.e. M = 7
Another example is:

LAB-MANUAL

Page 7

Cryptography and Network Security (CSE&IT)

Experiment No. 6
Aim

To study Message Authentication Functions

Any message authentication or digital signature mechanism can be viewed as having

fundamentally two levels. At the lower level, there may be some sort of function that
produces an authenticator: a value to be used to authenticate a message. This lower
layer function is then used as primitive in a higher-layer authentication protocol that
enables a receiver to verify the authenticity of a message.
The different types of functions that may be used to produce an authenticator are as
follows:
Message encryption the cipher text of the entire message serves as its authenticator.
Message authentication code (MAC) a public function of the message and a secret
key that produces a fixed length value serves as the authenticator.
Hash function a public function that maps a message of any length into a fixed length
hash value, which serves as the authenticator.
Message encryption
Message encryption by itself can provide a measure of authentication. The analysis
differs from symmetric and public key encryption schemes.

LAB-MANUAL

Page 8

Cryptography and Network Security (CSE&IT)

Suppose the message can be any arbitrary bit pattern. In that case, there is no way to
determine automatically, at the destination whether an incoming message is the cipher
text of a legitimate message. One solution to this problem is to force the plaintext to
have some structure that is easily recognized but that cannot be replicated without
recourse to the encryption function. We could, for example, append an error detecting
code, also known as Frame Check Sequence (FCS) or checksum to each message before
encryption
A prepares a plaintext message M and then provides this as input to a function F that
produces an FCS. The FCS is appended to M and the entire block is then encrypted. At
the destination, B decrypts the incoming block and treats the result as a message with
an appended FCS. B applies the same function F to attempt to reproduce the FCS. If the
calculated FCS is equal to the incoming FCS, then the message is considered authentic.
In the internal error control, the function F is applied to the plaintext, whereas in
external error control, F is applied to the cipher text (encrypted message).

LAB-MANUAL

Page 9

Cryptography and Network Security (CSE&IT)

Experiment No. 7
Aim

To study E-Mail security

In virtually all distributed environments, electronic mail is the most heavily used
network-based application. But current email services are roughly like "postcards,
anyone who wants could pick it up and have a look as its in transit or sitting in the
recipients mailbox. PGP provides a confidentiality and authentication service that can
be used for electronic mail and file storage applications. With the explosively growing
reliance on electronic mail for every conceivable purpose, there grows a demand for
authentication and confidentiality services.
The Pretty Good Privacy (PGP) secure email program, is a remarkable phenomenon,
has grown explosively and is now widely used. Largely the effort of a single person,
Phil Zimmermann, who selected the best available crypto algorithms to use &
integrated them into a single program, PGP provides a confidentiality and
authentication service that can be used for electronic mail and file storage applications.
It is independent of government organizations and runs on a wide range of systems, in
both free & commercial versions.
There are five important services in PGP
Authentication (Sign/Verify)
Confidentiality (Encryption/Decryption)
Compression
Email compatibility
Segmentation and Reassembly
The last three are transparent to the user

PGP Notations:
Ks
PRa
PUa
EP
DP
EC
DC
H
||
Z
R64

=session key used in symmetric encryption scheme

=private key of user A, used in public-key encryption scheme
=public key of user A, used in public-key encryption scheme
= public-key encryption
= public-key decryption
= symmetric encryption
= symmetric decryption
= hash function
= concatenation
= compression using ZIP algorithm
= conversion to radix 64 ASCII format

LAB-MANUAL

Page 10

Cryptography and Network Security (CSE&IT)

PGP Operation- Authentication

1. Sender creates message

2. Use SHA-1 to generate 160-bit hash of message
3. Signed hash with RSA using sender's private key, and is attached to message
4. Receiver uses RSA with sender's public key to decrypt and recover hash code
5. Receiver verifies received message using hash of it and compares with decrypted
hash code

PGP Operation- Confidentiality

Sender:
1. Generates message and a random number (session key) only for this message
2. Encrypts message with the session key using AES, 3DES, IDEA or CAST-128
3. Encrypts session key itself with recipients public key using RSA
4. Attaches it to message
Receiver:
1. Recovers session key by decrypting using his private key
2. Decrypts message using the session key
Confidentiality service provides no assurance to the receiver as to the identity of sender
(i.e. no authentication). Only provides confidentiality for sender that only the recipient
can read the message (and no one else)

PGP Operation Confidentiality & Authentication

LAB-MANUAL

Page 11

Cryptography and Network Security (CSE&IT)

Can use both services on same message

create signature & attach to message
encrypt both message & signature
attach RSA/ElGamal encrypted session key
is called authenticated confidentiality

PGP Operation Compression

As a default, PGP compresses the message after applying the signature but before
encryption. This has the benefit of saving space both for e-mail transmission and for file
storage. The placement of the compression algorithm, indicated by Z for compression
and Z-1 for decompression is critical. The compression algorithm used is ZIP.
The signature is generated before compression for two reasons:
1. so that one can store only the uncompressed message together with signature for later
verification
2. Applying the hash function and signature after compression would constrain all PGP
implementations to the same version of the compression algorithm as the PGP
compression algorithm is not deterministic
Message encryption is applied after compression to strengthen cryptographic
security. Because the compressed message has less redundancy than the original
plaintext, cryptanalysis is more difficult.

PGP Operation Email Compatibility

When PGP is used, at least part of the block to be transmitted is encrypted, and thus
consists of a stream of arbitrary 8-bit octets. However many electronic mail systems
only permit the use of ASCII text. To accommodate this restriction, PGP provides the
service of converting the raw 8-bit binary stream to a stream of printable ASCII
characters. It uses radix-64 conversion, in which each group of three octets of binary
data is mapped into four ASCII characters. This format also appends a CRC to detect
transmission errors. The use of radix 64 expands a message by 33%, but still an overall
compression of about one-third can be achieved.

PGP Operation - Segmentation/Reassembly

E-mail facilities often are restricted to a maximum message length. For example, many
of the facilities accessible through the Internet impose a maximum length of 50,000
octets. Any message longer than that must be broken up into smaller segments, each of
which is mailed separately.
To accommodate this restriction, PGP automatically subdivides a message that is too
large into segments that are small enough to send via e-mail. The segmentation is done
after all of the other processing, including the radix-64 conversion. Thus, the session key
LAB-MANUAL

Page 12

Cryptography and Network Security (CSE&IT)

component and signature component appear only once, at the beginning of the first
segment. Reassembly at the receiving end is required before verifying signature or
decryption

PGP Operations Summary

S/MIME (Secure/Multipurpose Internet Mail Extension)

S/MIME is a security enhancement to the MIME Internet e-mail format standard, which
in turn provided support for varying content types and multi-part messages over the
text only support in the original Internet RFC822 email standard. MIME allows
encoding of binary data to textual form for transport over traditional RFC822 email
systems. S/MIME is defined in a number of documents, most importantly RFCs 3369,
3370, 3850 and 3851 and S/MIME support is now included in many modern mail agents.

RFC 822
RFC 822 defines a format for text messages that are sent using electronic mail and it has
been the standard for Internet-based text mail message. The overall structure of a
message that conforms to RFC 822 is very simple. A message consists of some number
of header lines (the header) followed by unrestricted text (the body). The header is
separated from the body by a blank line. A header line usually consists of a keyword,
followed by a colon, followed by the keyword's arguments; the format allows a long
line to be broken up into several lines. The most frequently used keywords are From, To,
Subject, and Date.

LAB-MANUAL

Page 13

Cryptography and Network Security (CSE&IT)

Experiment No. 8
Aim :
To study IP Security
Definition: Internet Protocol security (IPSec) is a framework of open standards for
protecting communications over Internet Protocol (IP) networks through the use of
cryptographic security services. IPSec supports network-level peer authentication, data
origin authentication, data integrity, and data confidentiality (encryption), and replay
protection.
Need for IPSec:
In Computer Emergency Response Team (CERT)s 2001 annual report it listed 52,000
security incidents in which most serious types of attacks included IP spoofing, in which
intruders create packets with false IP addresses and exploit applications that use
authentication based on IP and various forms of eavesdropping and packet sniffing, in
which attackers read transmitted information, including logon information and
database contents. In response to these issues, the IAB included authentication and
encryption as necessary security features in the next-generation IP i.e. IPv6.
Applications of IPSec:
IPSec provides the capability to secure communications across a LAN, across private
and public wide area networks (WANs), and across the Internet.
Secure branch office connectivity over the Internet: A company can build a secure
virtual private network over the Internet or over a public WAN. This enables a business
to rely heavily on the Internet and reduce its need for private networks, saving costs
and network management overhead.
Secure remote access over the Internet: An end user whose system is equipped with IP
security protocols can make a local call to an Internet service provider (ISP) and gain
secure access to a company network. This reduces the cost of toll charges for travelling
employees and telecommuters.
Establishing extranet and intranet connectivity with partners: IPSec can be used to
secure communication with other organizations, ensuring authentication and
confidentiality and providing a key exchange mechanism.
Enhancing electronic commerce security: Even though some Web and electronic
commerce applications have built-in security protocols, the use of IPSec enhances that
security.
The principal feature of IPSec enabling it to support varied applications is that it can
encrypt and/or authenticate all traffic at IP level. Thus, all distributed applications,

LAB-MANUAL

Page 14

Cryptography and Network Security (CSE&IT)

including remote logon, client/server, e-mail, file transfer, Web access, and so on, can be
secured.
The following figure shows a typical scenario of IPSec usage. An organization
maintains LANs at dispersed locations. Non secure IP traffic is conducted on each LAN.

The IPSec protocols operate in networking devices, such as a router or firewall that
connect each LAN to the outside world. The IPSec networking device will typically
encrypt and compress all traffic going into the WAN, and decrypt and decompress
traffic coming from the WAN; these operations are transparent to workstations and
servers on the LAN. Secure transmission is also possible with individual users who dial
into the WAN. Such user workstations must implement the IPSec protocols to provide
security.
Benefits of IPSec
IPSec in a firewall/router provides strong security to all traffic crossing the perimeter
IPSec in a firewall is resistant to bypass
IPSec is below transport layer (TCP, UDP), hence transparent to applications
IPSec can be transparent to end users
IPSec can provide security for individual users if needed (useful for offsite workers
and setting up a secure virtual sub network for sensitive applications)
Routing Applications:
IPSec also plays a vital role in the routing architecture required for internetworking. It
assures that:
Router advertisements come from authorized routers
Neighbor advertisements come from authorized routers
redirect messages come from the router to which initial packet was sent
A routing update is not forged
LAB-MANUAL

Page 15

Cryptography and Network Security (CSE&IT)

IPSec Documents
The IPSec specification consists of numerous documents. The most important of these,
issued in November of 1998, are RFCs 2401, 2402, 2406, and 2408:
RFC 2401: An overview of security architecture
RFC 2402: Description of a packet authentication extension to IPv4 and IPv6
RFC 2406: Description of a packet encryption extension to IPv4 and IPv6
RFC 2408: Specification of key management capabilities
Support for these features is mandatory for IPv6 and optional for IPv4. In both cases,
the security features are implemented as extension headers that follow the main IP
header. The extension header for authentication is known as the Authentication header;
that for encryption is known as the Encapsulating Security Payload (ESP) header. In
addition to these four RFCs, a number of additional drafts have been published by the
IP Security Protocol Working Group set up by the IETF. The documents are divided
into seven groups, as depicted in following figure:

Architecture: Covers the general concepts, security requirements, definitions, and

mechanisms defining IPSec technology
Encapsulating Security Payload (ESP): Covers the packet format and general issues
related to the use of the ESP for packet encryption and, optionally, authentication.
Authentication Header (AH): Covers the packet format and general issues related to
the use of AH for packet authentication.
Encryption Algorithm: A set of documents that describe how various encryption
algorithms are used for ESP.
Authentication Algorithm: A set of documents that describe how various
authentication algorithms are used for AH and for the authentication option of ESP.

LAB-MANUAL

Page 16

Cryptography and Network Security (CSE&IT)

Key Management: Documents that describe key management schemes.

Domain of Interpretation (DOI): Contains values needed for the other documents
to relate to each other. These include identifiers for approved encryption and
authentication algorithms, as well as operational parameters such as key lifetime.

IPSec Services
IPSec architecture makes use of two major protocols (i.e., Authentication Header and
ESP protocols) for providing security at IP level. This facilitates the system to
beforehand choose an algorithm to be implemented, security protocols needed and any
cryptographic keys required to provide requested services. The IPSec services are as
follows:
Connectionless Integrity:- Data integrity service is provided by IPSec via AH which
prevents the data from being altered during transmission.
Data Origin Authentication:- This IPSec service prevents the occurrence of replay
attacks, address spoofing etc., which can be fatal
Access Control:- The cryptographic keys are distributed and the traffic flow is
controlled in both AH and ESP protocols, which is done to accomplish access control
over the data transmission.
Confidentiality:- Confidentiality on the data packet is obtained by using an
encryption technique in which all the data packets are transformed into ciphertext
packets which are unreadable and difficult to understand.
Limited Traffic Flow Confidentiality:- This facility or service provided by IPSec
ensures that the confidentiality is maintained on the number of packets transferred
or received. This can be done using padding in ESP.
Replay packets Rejection:- The duplicate or replay packets are identified and
discarded using the sequence number field in both AH and ESP.

LAB-MANUAL

Page 17

Cryptography and Network Security (CSE&IT)

Security Associations
Since IPSEC is designed to be able to use various security protocols, it uses Security
Associations (SA) to specify the protocols to be used. SA is a database record which
specifies security parameters controlling security operations. They are referenced by the
sending host and established by the receiving host. An index parameter called the
Security Parameters Index (SPI) is used. SAs are in one direction only and a second SA
must be established for the transmission to be bi-directional. A security association is
uniquely identified by three parameters:
Security Parameters Index (SPI): A bit string assigned to this SA and having local
significance only. The SPI is carried in AH and ESP headers to enable the receiving
system to select the SA under which a received packet will be processed.
IP Destination Address: Currently, only unicast addresses are allowed; this is the
address of the destination endpoint of the SA, which may be an end user system or a
network system such as a firewall or router.
Security Protocol Identifier: This indicates whether the association is an AH or ESP
security association.

Combining Security Associations

An individual SA can implement either the AH or ESP protocol but not both. Multiple
SAs must be employed for traffic flow to achieve the desired IPSec services. The term
security association bundle refers to a sequence of SAs through which traffic must be
processed to provide a desired set of IPSec services. The SAs in a bundle may terminate
at different endpoints or at the same endpoints. Security associations may be combined
into bundles in two ways:
Transport adjacency: Refers to applying more than one security protocol to the same
IP packet, without invoking tunnelling.
Iterated tunnelling: Refers to the application of multiple layers of security protocols
effected through IP tunnelling. This approach allows for multiple levels of nesting, since
each tunnel can originate or terminate at a different IPSec site along the path.

LAB-MANUAL

Page 18

Cryptography and Network Security (CSE&IT)

Experiment No. 9
Aim :

To study Web security

What are Web Services?

Web services are application components
Web services communicate using open protocols
Web services are self contained and self describing
Web services can be discovered using UDDI
Web services can be used by other applications
XML is the basis for Web services
How Does it Work?
The basic Web services platform is XML + HTTP.
XML provides a language which can be used between different platforms and
programming Languages and still express complex messages and functions.
The HTTP protocol is the most used Internet protocol.
Web services platform elements:
SOAP (Simple Object Access Protocol)
UDDI (Universal Description, Discovery and Integration)
WSDL (Web Services Description Language)
Interoperability has Highest Priority
When all major platforms could access the Web using Web browsers, different
platforms could interact. For these platforms to work together, Web applications were
developed.
Web applications are simple applications that run on the web. These are built around
the Web browser standards and can be used by any browser on any platform.
Web Services take Web applications to the Next Level
By using Web services, your application can publish its function or message to the rest
of the world.
Web services use XML to code and to decode data, and SOAP to transport it (using
open protocols).
With Web services, your accounting department's Win 2k server's billing system can
connect with your IT supplier's UNIX server.
Web Services have Two Types of Uses
Reusable application components.
LAB-MANUAL

Page 19

Cryptography and Network Security (CSE&IT)

There are things applications needs very often. So why make these over and over again?
Web services can offer application components like: currency conversion, weather
reports, or even language translation as services.
Connect existing software.
Web services can help to solve the interoperability problem by giving different
applications a way to link their data.
With Web services you can exchange data between different applications and different
platforms.
Web Services Platform Elements
Web Services have three basic platform elements: SOAP, WSDL and UDDI.
What is SOAP?
SOAP is an XML based protocol to let applications exchange information over HTTP.
Or more simple : SOAP is a protocol for accessing a Web Service.
SOAP stands for Simple Object Access Protocol
SOAP is a communication protocol
SOAP is a format for sending messages
SOAP is designed to communicate via Internet
SOAP is platform independent
SOAP is language independent
SOAP is based on XML
SOAP is simple and extensible
SOAP allows you to get around firewalls
SOAP is a W3C standard
Web Services Example
Any application can have a Web Service component.
Web Services can be created regardless of programming language.
A Web Service Example
In the following example we will use ASP.NET to create a simple Web Service that
converts the temperature from Fahrenheit to Celsius, and vice versa:
<%@ WebService Language="VBScript" Class="TempConvert" %>
Imports System
Imports System.Web.Services
Public Class TempConvert: Inherits WebService
<WebMethod()> Public Function FahrenheitToCelsius
(ByVal Fahrenheit As String) As String
LAB-MANUAL

Page 20

Cryptography and Network Security (CSE&IT)

dim fahr
fahr=trim(replace(Fahrenheit,",","."))
if fahr="" or IsNumeric(fahr)=false then return "Error"
return ((((fahr) 32)/ 9) * 5)
end function
<WebMethod()> Public Function CelsiusToFahrenheit
(ByVal Celsius As String) As String
dim cel
cel=trim(replace(Celsius,",","."))
if cel="" or IsNumeric(cel)=false then return "Error"
return ((((cel) * 9) / 5) + 32)
end function
end class
This document is saved as an .asmx file. This is the ASP.NET file extension for XML
Web Services.
Example Explained
Note: To run this example, you will need a .NET server.
The first line in the example states that this is a Web Service, written in VBScript, and
has the class name "TempConvert":
<%@ WebService Language="VBScript" Class="TempConvert" %>
The next lines import the namespace "System.Web.Services" from the .NET framework:
Imports System
Imports System.Web.Services
The next line defines that the "TempConvert" class is a WebService class type:
Public Class TempConvert :Inherits WebService
The next steps are basic VB programming. This application has two functions. One to
convert from Fahrenheit to Celsius, and one to convert from Celsius to Fahrenheit.
The only difference from a normal application is that this function is defined as a
"WebMethod()".
Use "WebMethod()" to convert the functions in your application into web services:
<WebMethod()> Public Function FahrenheitToCelsius
(ByVal Fahrenheit As String) As String
dim fahr
fahr=trim(replace(Fahrenheit,",","."))
if fahr="" or IsNumeric(fahr)=false then return "Error"
LAB-MANUAL

Page 21

Cryptography and Network Security (CSE&IT)

return ((((fahr) 32)/ 9) * 5)

end function
<WebMethod()> Public Function CelsiusToFahrenheit
(ByVal Celsius As String) As String
dim cel
cel=trim(replace(Celsius,",","."))
if cel="" or IsNumeric(cel)=false then return "Error"
return ((((cel) * 9) / 5) + 32)
end function
Then, end the class:
end class
Publish the .asmx file on a server with .NET support, and you will have your first
working Web Service.
ASP.NET Automates the Process
With ASP.NET, you do not have to write your own WSDL and SOAP documents.
If you look closer at our example Web Service, you will see that ASP.NET has
automatically created a WSDL and SOAP request.
Web Services How to Use
Using the Web Service Example
In the previous page we created a Web service.
The FahrenheitToCelsius() function can be tested here: FahrenheitToCelsius
The CelsiusToFahrenheit() function can be tested here: CelsiusToFahrenheit
These functions will send an XML response like this:
<?xml version="1.0" encoding="utf8"?>
<string xmlns="http://tempuri.org/">38</string>
Put the Web Service on Your Web Site
Using a form and the HTTP POST method, you can put the web service on your site,
like this:
Fahrenheit to Celsius:
S
Submit

LAB-MANUAL

Page 22

Cryptography and Network Security (CSE&IT)

Celsius to Fahrenheit:
How To Do It

Submit

Here is the code to add the Web Service to a web page:

<form
action='http://www.example.com/webservices/tempconvert.asmx/Fahrenhe
itToCelsius' method="post" target="_blank">
<table>
<tr>
<td>Fahrenheit to Celsius:</td>
<td><input class="frmInput" type="text"
size="30"name="Fahrenheit"></td>
</tr>
<tr>
<td></td>
<td align="right"><input type="submit"
value="Submit"class="button"></td>
</tr>
</table>
</form>
<form
action='http://www.example.com/webservices/tempconvert.asmx/CelsiusT
oFahrenheit'method="post" target="_blank">
<table>
<tr>
<td>Celsius to Fahrenheit:</td>
<td><input class="frmInput" type="text"
size="30"name="Celsius"></td>
</tr>
<tr>
<td></td>
<td align="right"><input type="submit" value="Submit"
class="button"></td>
</tr>
</table>
</form>

LAB-MANUAL

Page 23