Secure communication between Flash and PHP script

What you are asking is inherently impossible. The game runs on the client and is therefore completely at the user's mercy. Only way to be sure is running a real time simulation of the game on the server based on user's input (mouse movement, keypresses), which is absolutely ridiculous.

This topic has been covered here @ stackoverflow, at least in part

What is the best way to stop people hacking the PHP-based highscore table of a Flash game

As ssddw pointed out, this is fundamentally impossible. The code to send the score is running on the user's computer, and they have control over it and everything that runs there.

The best you can do is to periodically alter the encryption mechanism so that it takes score-manipulators a while to figure it out again. You can only minimize the damage, never eliminate it, but on a site like the one I work for, if we've got only a hundred people sending fake scores, out of the hundreds of thousands we see every day, we consider that well within the realm of acceptable. (We still crush those we catch cheating, but we don't consider it much of a problem.)

You could at least throw out scores that are above some threshold that you would deem legitimate. It still leaves room for more subtle maniputaion of a high scores list, but will at least help relieve the obvious frustration of seeing an impossible to achieve score topping the charts.