A digital signature verifies that a document genuinely originates from the sender and has not been altered since it was signed. It ensures authenticity, integrity, and also non-repudiation.

In essence, a digital signature is created by signing a message with the sender’s private key. Anyone with access to the corresponding public key can verify the signature.

Info

Notice that digital signatures are opposite of typical public-key encryption, where the sender encrypts message using receiver’s public key.

For Alice to send a message that only Bob can read and prove it came from her, she can signing with her private key but then encrypt with Bob’s public key

Difference with MAC

See: differences between hashes, MACs, and digital signatures

Since digital signature uses public-key encryption, it provides authentication without a shared secret. By contrast, MAC uses symmetric encryption.