What is a Digital Signature?

Non-Repudiation

A digital signature uses your private key to generate a unique cryptographic footprint over a file or message. Unlike encryption which hides data, a signature proves authenticity.

Because only the private key can create the signature, and anyone with the public key can verify it, digital signatures offer 'non-repudiation'—mathematical proof that the sender cannot deny they sent the message.

Separating Encryption from Signatures

Often, developers attempt to 'encrypt with the private key' to generate a signature, which works in basic RSA but is mathematically disastrous for elliptic curves. True signature algorithms (like EdDSA) use entirely distinct mathematical processes dedicated explicitly to proofs rather than obfuscation.

Everyday Example

A digital signature is like signing a check using a pen that incorporates the exact DNA of the paper the check is printed on. If anyone tries to copy the signature to a different check, or changes the amount on the original check to a million dollars, the DNA completely fractures, and the bank knows it's a forgery.

The Deep Mathematics

Digital Signatures mandate a mathematical triad: KeyGen, Sign, and Verify. In RSA-PSS, the message is padded probabilistically. The signer computes s = m^d mod n. The Verifier computes m' = s^e mod n. If m' strictly mirrors the padding array of the original message hash, identity and payload integrity are unequivocally guaranteed.