Electronic signatures (also called digital signatures) are a mechanism that guarantees the sender's authenticity (authentication function) and lets the recipient verify the integrity of the received message.
Electronic signatures also feature a non-repudiation function, that is, they make it possible to ensure the sender really sent the message (in other words, they keep the sender from denying he sent the message).
A hash function is a function that produces a hash (also called a message digest) of a text, that is, a fairly short series of characters representing the text it hashes. The hash function must be such that it associates just one hash with a plaintext (this means the slightest modification to the document will cause its hash to be modified). Moreover, it must be a one-way function, so that the original message cannot be recovered from the hash. If there is a way to find the plaintext from the hash, the hash function is said to have a "trapdoor".
As such, the hash can be said to represent the document's fingerprint.
The most widely used hash algorithms are:
By sending a message along with its hash, it is possible to guarantee a message's integrity, that is, the recipient can make sure the message was not altered (intentionally or by chance) during the communication.
When receiving the message, the recipient simply has to calculate the received message's hash and compare it with the hash accompanying the document. If the message (or the hash) was falsified during the communication, the two fingerprints will not match.
Using a hash function makes it possible to verify that the fingerprint corresponds to the received message, but nothing proves the message was actually sent by the person claiming to be the sender.
To guarantee the message's authenticity, the sender simply has to encrypt (we generally say sign) the hash using his private key (the signed hash is called a seal) and send the seal to the recipient.
When receiving the message, the recipient simply has to decrypt the seal with the sender's public key, then compare the hash he obtains by applying the hash function to the message with the hash received as an attachment. This seal creation function is called sealing.
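
The difference between sending a plain hash and sending a seal, as an added example that is not part of the original page. The function names, the sample messages and the toy RSA key (textbook RSA without padding, built from two known Mersenne primes) are assumptions made for illustration and are not suitable for real use.

```python
import hashlib

# Toy RSA key for illustration only (assumption of this example): two known
# Mersenne primes, textbook RSA without padding. Never build real keys this way.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, held by the sender only

def digest(message: bytes) -> int:
    """Hash of the message, as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def make_seal(message: bytes) -> int:
    """Sender: sign (encrypt) the hash with the private key."""
    return pow(digest(message), D, N)

def hash_matches(message: bytes, received_hash: int) -> bool:
    """Recipient, integrity only: recompute the hash and compare."""
    return digest(message) == received_hash

def seal_matches(message: bytes, received_seal: int) -> bool:
    """Recipient: decrypt the seal with the public key, compare with own hash."""
    return pow(received_seal, E, N) == digest(message)

def run_cases() -> dict:
    original = b"Transfer 100 EUR to account 12345"   # constructed sample
    altered = b"Transfer 900 EUR to account 12345"    # changed in transit
    return {
        "intact, plain hash": hash_matches(original, digest(original)),
        "altered message, original hash": hash_matches(altered, digest(original)),
        "altered message, recomputed hash": hash_matches(altered, digest(altered)),
        "intact, seal": seal_matches(original, make_seal(original)),
        "altered message, original seal": seal_matches(altered, make_seal(original)),
    }

if __name__ == "__main__":
    for case, accepted in run_cases().items():
        print(f"{case:35s} accepted={accepted}")
```

The third case is accepted because anyone can recompute a plain hash for a changed message; the seal check rejects the altered message because a matching seal requires the sender's private key.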