Did work a little on this issue some time ago.
There appears to be no way you can make Flash secure, because anything you put in it can be easily accessed and re-used.

So any kind of key or method that "only your flash movie" would use to access the PHP service, can be replicated.

There is no apparent solution to this problem.. you can make it slightly more difficult for people to access your content, but not impossible.



Remember that Flash sends specific request headers (some of which can be customized), so you can use that too for filtering requests.

Sorry dude...

p.s. In any case if you merge user authentication, secure connection and randomic encription, you can't avoit people from building their own tools to access your images, but you sure will know that whoever accesses the images is a registered user.