A digital signature is prepared by first passing the message through a one-way
cryptographic hash function to calculate the message digest. This digest is much
smaller than the original message and can be quickly encrypted with the sender's
private key to produce a signature, which is then added to the original message.

A recipient who checks the signature with the sender's public key can be sure
that the message really came from the sender. And, because changing even one
character in the message changes the message digest in an unpredictable way, the
recipient can be sure that the message was not changed after the message digest
was generated.
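
The sign-and-verify flow described above, as an added example that is not part of the original page. It assumes SHA-256 as the digest function and uses RSA-PSS from Go's standard library as the private-key operation on the digest; the function names and the sample messages are constructed for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"math/bits"
)

// NewKey generates a fresh 2048-bit RSA key pair for the demo sender.
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Sign computes the SHA-256 digest of msg and signs that digest with the private key.
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// Verify recomputes the digest from the received message and checks the
// signature against it using the sender's public key.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// DigestBitsChanged counts how many of the 256 digest bits differ between a and b.
func DigestBitsChanged(a, b []byte) int {
	da, db := sha256.Sum256(a), sha256.Sum256(b)
	n := 0
	for i := range da {
		n += bits.OnesCount8(da[i] ^ db[i])
	}
	return n
}

func main() {
	priv, err := NewKey()
	if err != nil {
		panic(err)
	}
	msg := []byte("Pay Bob 100 dollars")      // constructed sample message
	tampered := []byte("Pay Bob 900 dollars") // one character changed
	sig, err := Sign(priv, msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("original verifies:", Verify(&priv.PublicKey, msg, sig))
	fmt.Println("tampered verifies:", Verify(&priv.PublicKey, tampered, sig))
	fmt.Println("digest bits changed:", DigestBitsChanged(msg, tampered), "of 256")
}
```

Verification succeeds only for the exact message that was signed and only under the public key that matches the signing key, which is why the recipient must be certain whose public key they hold.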

Authentication can be further strengthened by the use of
digital certificates.

Before encrypting and transmitting sensitive information it is important to
ensure that the public key being used does indeed belong to the intended message
recipient and not someone masquerading as them.

One method of doing this is to use a trusted third party or certificate
authority (CA). Owners of public keys submit them to a CA along with proof of
identity and the CA then digitally signs and issues a certificate which verifies
that the public key attached to the certificate belongs to the party stated.

Digital certificates provide the basis for secure electronic transactions as
they enable all participants in a transaction to quickly and easily verify the
identity of the other participants.

Secure Sockets Layer (SSL)