Essentially, what is the difference between reverse engineering aprivate key from a public key, and verifying that someone must havethe private key to produce a message signature that corresponds to apublic key? How is one possible but not the other?
It is practically impossible to find the private key based on the public key, and this is the whole point of public-private key cryptography. This is pure beauty of math. Your second question is asking how the digital signature works. The digital signature is commonly produced by first compute the digest of the your plain text message (for example using sha256), then encrypt the digest using your private key. Your cipher text alongside the digital signature looks like:
public_announcement, signature=encrypt(sha256(public_annoucement), private_key)Any receiver can compute the sha256 digest of public_annoucement and compare with decrypt(sha256(public_annoucement), public_key)`. If these two does not match, either the annoucement is tampered or it is not signed with the private key that it claimed to be.