What Is a Digital Signature?

Digital signatures employ cryptography to provide a way of determining whether a digital message or document is real. 

If a signature is deemed valid, it can be assumed that the communication is from the person it says it's from (known as authentication,) that the sender cannot reasonably deny that the communication is from them (non-repudiation,) and that the communication has not been changed or tampered with (integrity.)

Digital signatures use public key cryptography, in which encryption and decryption is carried out using pairs of public and private keys. As the name suggests, public keys are broadcast publicly, while private keys are kept secret.

To sign a message with a digital signature, the sender uses software to create a hash of the message, which is then encrypted using their private key. To verify a message, the encrypted hash is decrypted using the sender's public key. Then, a second hash of the message is created; if this hash matches the decrypted one, the message is valid.

Digital signatures are not the same as electronic signatures, although the former term is often used to describe the latter technology. 

Electronic signature simply refers to any digital mark that is intended to represent a signature. Common examples of this include HelloSign and Adobe Sign. However, some electronic signature tools may include digital signature technology — meaning an element of public key cryptography may have been used.

Digital signatures are widely used online, for example to authenticate network connections. They are also becoming increasingly common in government. For example, key documents are now published by the U.S. Government Printing Office with accompanying public signatures to verify their authenticity.