A. As we saw in the previous FAQ public-private keys are used to pass sensitive information however it can also be used to provide authentication that a sender is who they say they are. It does not protect the contents of the message, it only proves it is from who it says its from.

It provides authentication and integrity but does not provide confidentiality, data is sent as normal but acts like a normal signature we use on a letter.

A digital signature works by creating a message digest which ranges from between a 128-bit and a 256-bit number which is generated by running the entire message through a hash algorithm. This generated number is then encrypted with the senders private key and added to the end of the message.

When the recipient receives the message they run the message through the same hash algorithm and generate the message digest number. They then decrypt the signature using the senders public key and providing the two numbers match they know the message is from who it says its from AND that is has not been modified.