A digital signature is a form of public key encryption. In the PKI (Public Key Infrastructure) you have 2 keys, "Public" and "Private" which are used in a one way encryption formula (algorithm) that has been shown mathematically that it can't be reverse engineered (at this time). Your public key is published to the world and you keep your private key totally secret.
In signature mode using your private key the software generates a "signature" for the document using the contents of the doc/email. The recipient can use your public key to verify that the contents of the doc/email have not been altered and that you really are the person who generated the "digital/electronic signature"
In encryption mode you use the recipient's public key to encrypt the doc/email and they use their private key to decrypt it to read it.
For a totally secure document (like a contract) you would digitally sign the doc (using your private key) then encrypt it using so the contents could not be read except by the recipient (who uses his private key to decrypt it).
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
