The way to prevent tampering with a cookie using MD5 is described well here, although you may wish to use SHA1 instead these days. It doesn't hide the contents of the cookie, but it makes it impossible for someone else who doesn't know the key to generate a valid hash signature for their own content.