Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key.
Digital signature verification
Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.
Hash
A hash function is an algorithm which creates a digital representation or “fingerprint” in the form of a “hash value” or “hash result” of a standard length which is usually much smaller than the message but nevertheless substantially unique to it.
Any change to the message invariably produces a different hash result when the same hash function is used. In the case of a secure hash function, sometimes termed a “one-way hash function,” it is computationally infeasible to derive the original message from knowledge of its hash value. Hash functions therefore enable the software for creating digital signatures to operate on smaller and predictable amounts of data, while still providing robust evidentiary correlation to the original message content, thereby efficiently providing assurance that there has been no modification of the message since it was digitally signed.