Which of the following statements is true regarding digital signatures?

Digital signatures leverage cryptographic techniques to provide a secure and authentic means of verifying the origin and integrity of digital messages or documents. The correct statement emphasizes that digital signatures require a public key infrastructure (PKI) for verification.

PKI consists of hardware, software, policies, and standards that work together to provide secure communication through public and private key pairs. When a digital signature is created, the sender uses their private key to sign the data. The recipient or any verifier can then use the sender's public key—available through a PKI—to authenticate the signature. This ensures that the message has not been altered and confirms the identity of the sender.

In contrast, the incorrect statements reflect misconceptions about digital signatures. The idea that they can be easily forged ignores the robust cryptographic algorithms that secure the signatures. Claiming they apply only to emails disregards the broader applicability of digital signatures, which can be used on various digital documents and transactions beyond just email. Finally, asserting that they are not legally binding overlooks their recognition in many jurisdictions as valid and enforceable, similar to handwritten signatures under specific legal frameworks.