Nagy László Zsolt <nagylzs at freemail.hu> writes: > >Or is the checksum stored on the server, in some form of lookup > >dictionary keyed by some user session identifier? > > > I think he wanted to write a digital signature instead. Right? I used "cryptographic checksum" in a broad sense. More specifically the suggestion is to use a secret-key authentication code like HMAC-MD5.