Signing and encryption: general overview
In order to sign and/or encrypt a message, at least one public/private key pair is needed. The public key is provided to users who want secure communication. The sender's private key is used to digitally sign a message. When this message is received, the sender's public key is used to verify the digital signature in order to prove that the message originated with the sender.
For encryption, the sender uses the recipient's public key to encrypt the message. When the message is received, the recipient uses their own private key to decrypt it. As long as the private key is protected and is accessible only to the originator, the recipient of a digitally signed message is able to confirm the originator of the message, and both parties will be assured that the message has not been compromised.
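The key roles described above, as an added example that is not part of the original page. It uses Node.js's built-in crypto module with RSA; the function names, the party names (Alice, Bob, Mallory) and the message are assumptions made for illustration.

```javascript
// Added example (not from the original page): which key does what.
const nodeCrypto = require("crypto");

// Each party owns one RSA key pair; only the public half is ever shared.
function newKeyPair() {
  return nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Direct RSA-OAEP only fits short messages (about 190 bytes with a 2048-bit key).
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Sender: sign with the SENDER's private key, encrypt with the RECIPIENT's public key.
function signAndEncrypt(message, senderPrivateKey, recipientPublicKey) {
  const plaintext = Buffer.from(message, "utf8");
  return {
    signature: nodeCrypto.sign("sha256", plaintext, senderPrivateKey),
    ciphertext: nodeCrypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, plaintext),
  };
}

// Recipient: decrypt with the RECIPIENT's private key, verify with the SENDER's public key.
function decryptAndVerify(envelope, recipientPrivateKey, senderPublicKey) {
  let plaintext;
  try {
    plaintext = nodeCrypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, envelope.ciphertext);
  } catch (err) {
    return { ok: false, reason: "decrypt-failed" }; // wrong private key or damaged ciphertext
  }
  const valid = nodeCrypto.verify("sha256", plaintext, senderPublicKey, envelope.signature);
  return valid
    ? { ok: true, message: plaintext.toString("utf8") }
    : { ok: false, reason: "bad-signature" }; // not signed by the claimed sender
}

// Constructed demo: Alice sends to Bob; Mallory holds an unrelated key pair.
const alice = newKeyPair(), bob = newKeyPair(), mallory = newKeyPair();
const envelope = signAndEncrypt("constructed sample message", alice.privateKey, bob.publicKey);
console.log(decryptAndVerify(envelope, bob.privateKey, alice.publicKey));     // intended recipient
console.log(decryptAndVerify(envelope, mallory.privateKey, alice.publicKey)); // wrong private key
```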
