A Digital Signature is created by producing a message digest, then encrypting it with the signer’s private key. Anyone can verify the signature by decrypting it with the signer’s public key, then generating a new digest of the message.
Creating Digital Signature
If the recovered digest and the regenerated one match, the signature is verified. Digital Signatures provide strong sender authentication (you know for certain who created the message) and message integrity (detection of tampering).
Validating a Digital Signature
Digital Signatures can be used in many situations, such as S/MIME email, ecommerce and document security.