
Suggestions for (semi-)securing high scores in a Flash/PHP game

Updated: 2023-02-02 21:10:06

For a ridiculously short value (i.e. values < 64 characters), MD5 as a hash becomes ineffective due to rainbow table attacks, and as the value you're sending will be shared over the wire, all they have to do is brute-force the shared secret (and they have a known product to work with).

As such, that's not public key/private key. It's merely a shared secret.

Also, keep in mind this shared secret will be in your Flash file you send to the user, which these days can be trivially disassembled, and then your "secret" is not a secret any more.

You want more of a challenge-response mechanism with proper crypto signing, where a new sign key is assigned for every game from the server, and multiple scores cannot be submitted with the same sign key. (For extra protection ;) )

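  1. User starts the game and requests a sign key. (The sign key is produced from another key, which they can't access.)
  2. The score is signed with the sign key, then sent.
  3. You verify the signed value with the key you sent them.
  4. You discard the sign key you sent.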

However, you still have the problem where you have no way to prevent the actual scoring system being tampered with. Somebody smart enough could just reverse engineer your SWF object and inject new code that just sets the score to their chosen value.
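
The four steps above, sketched as an added example that is not part of the original answer. It uses HMAC-SHA256 for the signature, and the in-memory key store and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: the master key lives only on the server and is never shipped
# inside the SWF. Per-game sign keys are derived from it.
MASTER_KEY = secrets.token_bytes(32)
_issued = {}  # game_id -> sign key that has been issued but not yet used


def start_game():
    """Step 1: issue a fresh sign key derived from the master key."""
    game_id = secrets.token_hex(16)
    sign_key = hmac.new(MASTER_KEY, game_id.encode(), hashlib.sha256).digest()
    _issued[game_id] = sign_key
    return game_id, sign_key


def sign_score(sign_key, game_id, score):
    """Step 2 (what the game client does): sign the score with the game's key."""
    msg = f"{game_id}:{score}".encode()
    return hmac.new(sign_key, msg, hashlib.sha256).hexdigest()


def submit_score(game_id, score, signature):
    """Steps 3 and 4: verify with the key we issued, and discard that key."""
    # pop() removes the key on the first attempt, valid or not, so the same
    # sign key can never back a second submission.
    sign_key = _issued.pop(game_id, None)
    if sign_key is None:
        return False  # unknown game, or the key was already used
    expected = sign_score(sign_key, game_id, score)
    # Constant-time comparison of the two signatures.
    return hmac.compare_digest(expected.encode(), str(signature).encode())
```

This rejects replayed submissions and scores altered after signing. A modified client still holds its own sign key, so a score it signs itself verifies, which is the limitation described in the last paragraph of the answer.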