2.5. Digital signatures

A digital signature is applied to a document by first calculating a message digest of the document, and then encrypting that digest (along with other information) using the signer's private key. Anyone can then be sure both that the document has not been altered since signing, and that the document was signed by the holder of the appropriate private key, by decrypting the digest using the signer's public key and comparing it to a freshly calculated digest.

The RSA public key algorithm is commonly used to do this. An alternative is DSA (the US Government's Digital Signature Algorithm), which operates in a slightly different way and was designed specifically for creating digital signatures.