Digital signatures are mechanisms of ensuring the integrity of a message / data on transit. Additionally, they can be used to authenticate the source of the message. But How?
A digital signature is generated using a private key then appended to the original message / data. On arrival at the destination, the receipient will use the corresponding public key to verify the signature. If verification is successful, then the recipient can:
- Be assured that the message wasn't tampered along the way.
- Be assured that the message did not originate from a rogue sender.
Signature verification involves the use of a public to check if a signature generated by the corresponding private key is valied
The primary purpose of encryption is to ensure confidentiality (other parties can't view) of the message in transit. Typically the public is used to encrypt the data.
Decrypting an encypted messaged using a private key.