Digital signatures provide the mechanism for cryptographic authentication in DNSSEC. A digital signature proves that the message originated from a certain source and that the message has not been changed. Just as a written signature is inextricably attached to a written document, a digital signature is inextricably attached to digital information.