Which key verifies a digital signature?

Digital signatures are verified with the signer's public key, because the signature is created using the signer's private key and can only be validated by the corresponding public key. When you verify, you check that the signature was produced with the private key that matches the public key, and that the message hash matches, confirming both authenticity and integrity. A public key certificate helps you trust the public key by binding it to an identity, but the certificate itself isn’t the verification step—it’s what helps you obtain the correct public key to perform verification. The sender’s private key is used to create the signature, not verify it, and a session key is for symmetric encryption, not digital signatures.