We recently covered Encryption Algorithms and how they are used. Digital Signatures build on top of this concept.
In asymmetric encryption, the public key is used to encrypt a message while the private key is used to decrypt it. Digital signatures flip that concept and use a private key to encrypt a message while using the public key to decrypt it.
But why would we want to do this? To verify the identity of the sender, that's the purpose of Digital Signatures.
Let's say we have computer A and computer B, and computer A has sent a message, but computer B isn't sure if the message was, in fact, sent by computer A. What can A do? We know A can encrypt something using its private key but what? Let's say it encrypts a random string and sends it to B. How will B know what to cross-check the decrypted string with? What if A encrypts a copy of the message and sends it alongside? Then B can decrypt it and check if it matches with the message that it received! But sending the entire message twice seems a little inefficient. A simple way to get around this is by hashing the message using SHA-256 or any other popular algorithm and appending this hashed string of fixed length along with the message.
B can now first decrypt the hashed string, and also pass the message it received through the hashing algorithm to check if the hashed strings match. This serves not one, but two purposes: