You could pass the score and a MD5 hash of the score and some other secret parameters (like your mothers maiden name or something) and then check the hash at the server end when you receive it.
This would be helpful in a custom binary, because the hackers have to disassemble it to figure out what you're doing. But it seems pretty useless if you're doing this in some client-side script. Then it's just a matter of "View Source" and, "Oh, okay, I do this." Or am I missing something obvious?
I've got the encryption pretty much sorted - I found some Delphi components with an example of how to encrypt in the same way as PHP. Now I have the problem of transporting the data: ciphertext from the algorithm it suggests often contains characters that aren't valid in a URI, so putting it straight into a GET string is out. Any ideas for a simple armouring function to turn a full-ASCII string into alphanumeric, then turn it back again? BTW, jimrthy, I'm not intending to use JavaScript to do the encryption. Thanks, - QS Computing.