What is the difference between digital signature and digital certificate?
-
I've been googling the difference between digital signature and digital certificate (asymmetric encryption); it seems like they are the same. I would like to clarify if they are the same or not? Many thanks!!!
-
Answer:
A digital signature is used to verify a message. It is basically an encrypted hash of the message. The recipient can check if the message was tampered with by hashing the received message and comparing this value with the decrypted signature. To decrypt the signature, the corresponding public key is required. A digital certificate is used to bind public keys to persons or other entities. If there were no certificates, the signature could easily be forged, as the recipient could not check if the public key belongs to the sender. The certificate itself is signed by a trusted third party, a Certificate Authority like VeriSign.
Bugzy bug at Stack Overflow
Other answers
From Wikipedia (emphases mine):

A digital signature (http://en.wikipedia.org/wiki/Digital_signature) or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery and tampering.

and

In cryptography, a public key certificate (also known as a digital certificate, http://en.wikipedia.org/wiki/Public_key_certificate, or identity certificate) is an electronic document which uses a digital signature to bind together a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.

So if I understand the above correctly, a digital signature just proves that a document hasn't been tampered with whereas a digital certificate proves that the document actually came from you.
R0MANARMY
The clearest explanation for me is available at RSA Laboratories:

Digital signature:

Suppose Alice wants to send a signed document or message to Bob. The first step is generally to apply a hash function to the message, creating what is called a message digest. The message digest is usually considerably shorter than the original message. In fact, the job of the hash function is to take a message of arbitrary length and shrink it down to a fixed length. To create a digital signature, one usually signs (encrypts) the message digest as opposed to the message itself. ...

Alice sends Bob the encrypted message digest and the message, which she may or may not encrypt. In order for Bob to authenticate the signature he must apply the same hash function as Alice to the message she sent him, decrypt the encrypted message digest using Alice's public key and compare the two. If the two are the same he has successfully authenticated the signature. If the two do not match there are a few possible explanations. Either someone is trying to impersonate Alice, the message itself has been altered since Alice signed it or an error occurred during transmission. ...

Digital certificate:

In addition, someone could pretend to be Alice and sign documents with a key pair he claims is Alice's. To avoid scenarios such as this, there are digital documents called certificates that associate a person with a specific public key.

These quotes are from RSA labs at http://www.rsa.com/rsalabs/node.asp?id=2182 and http://www.rsa.com/rsalabs/node.asp?id=2277
Ashley Henderson
Conceptually they are kind of opposites. With a digital certificate you encrypt with the public key and decrypt with the private key, that way you can ensure only the person with the private key can read your text. With a digital signature you encrypt with the private key and decrypt with the public key, that way anyone can decrypt, but only the person with the private key can encrypt so you know the message has come from the person with the private key.
Ben Robinson
Let me expand on Ashley's explanation. As with all things crypto, assume Alice (sender) wants to send a secure message to Bob (recipient). There are two problems to solve here.

1. How to encrypt the message so only Bob can decrypt it.
2. How can Bob be sure the message is from Alice in the first place and not modified by someone in transit.

Both of these problems can be solved with public key cryptography.

For (1), Alice encrypts the message with Bob's public key. When Bob receives the message, he can securely decrypt it with his private key. So encrypt with Bob's public key and decrypt with Bob's private key (this is basic stuff in public key crypto).

To solve (2), Alice also sends a digital signature along with the encrypted message. This is done as follows:

- Pass the original message through a hash function (like SHA-1, http://en.wikipedia.org/wiki/SHA-1) to get a message digest.
- Encrypt this message digest with Alice's private key (note this is the opposite of how the original message is encrypted with Bob's public key).

When Bob receives the message + digital signature he will:

- Decrypt the message with his private key and then calculate its message digest. Let's call this digest M1.
- Decrypt the signature with Alice's public key to get the message digest. Let's call this M2.
- If M1 and M2 are the same, Bob can be certain that the message was not modified in transit and that indeed it is from Alice.

As for digital certificates, notice that Alice relies on encrypting the original message with Bob's public key and Bob relies on Alice's public key to decrypt the signature. How can both of them be sure of each other's public key? That's what digital certificates are for. It allows a trusted third party to verify/say "Alice's public key is xyz".
numan
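The sign/verify steps (M1 versus M2) and the certificate check described in the answers above, as an added example that is not part of any answer on this page. It is toy textbook RSA using only the standard library (no padding, keys constructed from Mersenne primes, not suitable for real use); every function name and the certificate layout are assumptions made for illustration.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def make_key(p, q):
    """Toy textbook-RSA key pair from two primes: (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(message, n):
    # Message digest as an integer below the modulus
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    n, d = private
    return pow(digest(message, n), d, n)  # digest transformed with the private key

def verify(message, signature, public):
    n, e = public
    return pow(signature, e, n) == digest(message, n)  # M2 == M1

def cert_body(name, public):
    return f"{name}|{public[0]}|{public[1]}".encode()

def issue_cert(name, public, issuer_private):
    """Certificate: an identity and a public key, signed by the issuer."""
    return {"name": name, "public": public,
            "ca_sig": sign(cert_body(name, public), issuer_private)}

def verify_from(sender, message, signature, cert, ca_public):
    """Accept only if the CA vouches for the key and the key verifies the message."""
    return (cert["name"] == sender
            and verify(cert_body(cert["name"], cert["public"]), cert["ca_sig"], ca_public)
            and verify(message, signature, cert["public"]))

# Constructed toy keys (Mersenne primes), for illustration only
alice_pub, alice_priv = make_key(2**89 - 1, 2**127 - 1)
mallory_pub, mallory_priv = make_key(2**61 - 1, 2**107 - 1)
ca_pub, ca_priv = make_key(2**521 - 1, 2**607 - 1)

msg = b"Pay Bob 10 EUR"
sig = sign(msg, alice_priv)
alice_cert = issue_cert("Alice", alice_pub, ca_priv)

# Someone else's key pair presented as Alice's, with a certificate the CA never signed
forged_msg = b"Pay Mallory 9999 EUR"
forged_sig = sign(forged_msg, mallory_priv)
forged_cert = issue_cert("Alice", mallory_pub, mallory_priv)

if __name__ == "__main__":
    print("signature valid under claimed key:", verify(forged_msg, forged_sig, mallory_pub))
    print("accepted once certificate is checked:",
          verify_from("Alice", forged_msg, forged_sig, forged_cert, ca_pub))
```

The forged signature verifies under the key it was made with, which is why a signature alone says nothing about who the signer is; it is rejected only when the recipient requires a certificate signed by a CA key they already trust.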
Yes, digital certificates and digital signatures are quite different. Digital certificates (http://www.arx.com/information/digital-certificate) are used to verify the trustworthiness of a website, while digital signatures are used to verify the trustworthiness of information. In the case of digital certificates, an organization may only trust a site if the digital certificates are issued by the organization itself or by a trusted certification source, like Verisign Inc. But, this doesn't necessarily mean that the content of the site can be trusted; a trusted site may be infiltrated by a hacker who modifies the site's content.
Mine Mirror