Digital signatures lean on the properties of asymmetric cryptography where two keys are created as a pair to encrypt and decrypt messages — one private key, which is kept secret, and one public key, which can be given to anyone who wants it.
Digital signatures are created by encrypting a message with the sender’s private key. Due to the mathematics underpinning asymmetric cryptography, the receiver can then verify that the signed message came from the correct source by using the sender’s public key to ‘decrypt’ the signature. If the ‘decryption’ fails, the private key used to create the signature does not match the expected public key.
Together, using both public/private key cryptography and digital signatures, two people can communicate with each other without relying on trust or secrecy, and do so securely without revealing sensitive information.
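The signing and verification steps described above, as an added example that is not code from the original page: textbook RSA in standard-library Python, where signing 'encrypts' a SHA-256 hash of the message with the private key and verification 'decrypts' it with the public key and compares. Assumptions: the function names, the fixed Mersenne primes and the sample messages are constructed for illustration, and the scheme has no padding, so it shows the arithmetic only; real systems use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib
from math import gcd

def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi"
    return (n, e), (n, pow(e, -1, phi))   # private exponent d = e^-1 mod phi

def digest(message, n):
    """SHA-256 of the message as an integer reduced below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    """'Encrypt' the message hash with the private key."""
    n, d = private
    return pow(digest(message, n), d, n)

def verify(message, signature, public):
    """'Decrypt' the signature with the public key and compare hashes."""
    n, e = public
    if not 0 <= signature < n:            # cannot belong to this key
        return False
    return pow(signature, e, n) == digest(message, n)

# Constructed sample data: keys built from known Mersenne primes so the
# example is deterministic. Keys this small are for illustration only.
ALICE_PUB, ALICE_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
MESSAGE = b"pay 10 to Bob"

def demo():
    sig = sign(MESSAGE, ALICE_PRIV)
    other_sig = sign(MESSAGE, OTHER_PRIV)  # signed with a different key
    return {
        "genuine": verify(MESSAGE, sig, ALICE_PUB),
        "tampered": verify(b"pay 1000 to Bob", sig, ALICE_PUB),
        "wrong_key": verify(MESSAGE, other_sig, ALICE_PUB),
    }

if __name__ == "__main__":
    print(demo())
```

Verification fails both when the signature was made with a different private key and when the message was changed after signing, because either way the recovered hash no longer matches.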