A digital signature uses encryption technology to do two things. It proves that the message hasn’t been changed in transit, called message integrity, and it also links ownership to the information, called non-repudiation.
In order to prove that the message wasn’t changed the message is cryptographically transformed to a set of values, called a hash or a digest. The hash or digest is also sometimes referred to as a fingerprint because statistically, the chance of this hash or digest being the same value for any other message is almost impossible. The hash or digest is sent along with the message and the same transformation is run at the other end. Any attempts to alter the information in transit will result in a message that no longer matches its digital signature.
In order to link ownership, before the message is sent, a second operation is performed. The private key of the sender is used to encrypt the hash or digest. The receiver uses the sender’s public key to decrypt the digest. This proves that the message could only come from the person who holds the private key.