One of the key technologies helping to make certificates work is digital signatures. A digital signature is basically a one-way hash of the message, or of whatever is being signed. This hash is then encrypted using the private key of the signer. The recipient of the message creates his or her own one-way hash of the message and then decrypts the signature hash and compares the two hashes. If the hashes match, the signature is valid, and the message hasn't been altered or tampered with since being signed. This process is illustrated in Figure 1.6.
Digital signatures are used not only for validating digital messages, but they are also a key technology for verifying the sender of a message. For any message that needs to guarantee who sent the message, and that the message hasn't been modified or tampered with in any way, the use of digital signatures is crucial.