Greentext

Throw the technical bit away. Just think of it as a signature. Yes, an old school, written-with-hand signature.

Does the bank trust me giving you $100 by you having this cheque? Yes. Why? Because I told them what my name is and what my signature is like.

Will the bank give you $100 if you stole my cheque and sign your name on it?

Its not about "just having a signature". Its about a web of trust. It only works if you verify if the key belongs to a creator that is actually a person.

Basically creators go to a convention and hand out their public key in person and have other creators sign their key. If you trust creator A is real and they signed the key of creator B, you can have some trust B is also real. And if your buddy went to the convention, met A and B, got their public keys and tells you they are real you can also trust they are real. The more steps/signatures you are away from a creator the less trustworthy they are and nothing really ensures a (human) creator doesn't use AI secretly. If somebody is found to be a fraud everyone has to distrust their key.

Trust is the most important part. You trust someone they made something themselves. They digitally sign their work with a public key that is known to be theirs. You can now verify they (the person you trust) made it.
Once the trusted creator's key is leaked, they are no longer trusted for future works.
AI made content can be freely signed as well, but if you don't trust the origin, the signature doesn't matter anyway since it will just verify it is coming from the AI creator.
The key thing is trust, the signature is just there to verify.