• That the message was not altered.
• Who the author is.

• The author of a message has the private key.  Access to this is restricted to the author.
• However, the author can send the public key to anyone.
• Though these keys are mathematically related,  one cannot be derived from the other.
• Only the private key can decrypt messages from the public key, and only the private key can create messages for the public key.

• DSA, or the Digital Signature Algorythm, is included in the java.security package.
• RSA, named after its authors, can be purchased.

• Class Random is not random enough.  It is based on the computer's clock.  Class SecureRandom is usable.  That is, its use has not been disproven.
• You should provide SecureRandom with a seed number.  If you do not, it will generate one.

• On the signer's side:
• getInstance gets an instance of the Signature object with the given algorythm.
• initSign prepares the Signature object for signing.
• update sends bytes to the Signature object, similar to MessageDigest.
• sign returns a byte array representing the signature.
• On the receiver's side:
• initVerify uses the public key to prepare to verify the message.
• update accepts the message as a byte array.
• verify returns a boolean stating whether the signature is valid or not.

• You need to make sure that you're not being spoofed by the person giving you the public key in the first place.
• Companies like Verisign specialize in this.
• You can get third-party authenitcated signatures in a number of different security levels.  The more secure, the more the signer has to pay.

Exercise (save for later): Use Signatures to send messages with RMI.