Digital signature and hash

A digital signature is a process that electronically creates a unique identity for a message (any type of data the sender needs a proof for his/her identity as sender), similar to the uniqueness of the handwritten signature.
The first step is to apply a hash function to the message – a mathematical algorithm that produces a fixed-length number, also called a message digest or hash. The message digest is unique to any given string of characters, and therefore creates an ID unique to the message. Moreover, it is impossible to reverse the process and produce the message from the message digest. A single-bit change in the original message will change the message digest.
There are various popular hash algorithms, such as MD5 or SHA1. You can test the hashing function here:

Write a textual message to sign:

It is also possible to hash a message with a secret key, such that only those who know the key can verify the hash, so that only authorized users can perform this action.
You can test it here:

write a secret key:
Write a message to hash:


The second step is to sign the hash result with the sender’s private key, which is the digital signature appended to the message.
The recipient uses the sender’s public key to produce and verify the message digest. The success of the process proves that the proclaimed sender has indeed sent the message. A hash function is then performed on the data received to compare it to the message digest received. If the result is identical to the message digest received, than the signed data hasn’t been changed.
Read more in the article "Securing Electronic Commerce".