Oy. There's three fairly different things going on in here. Or two, if you leave encryption aside for the time being.
The base64 functions in PHP are an implementation of one of the content encoding schemes in MIME (rfc2045). They convert arbitrary bytes into (and back from) strings of 7-bit-ascii characters, which you can then send through channels designed to handle text but not binary traffic. Base64 en-/decoding is not cryptographic. It's not designed to be hard to attack, and even if it were, there is no key involved: Anyone can decode anyone's base64-encoded data. That's the point, really.
I don't see much use for this in Construct; but maybe I just lack imagination -- I don't really see the constructy need for crypto either.
md5 is a different beast entirely. It's a hash function which calculates a relatively short "fingerprint" of any file you throw at it. This is (intended to be, although there are weaknesses in practice) cryptographically secure in the sense that although many different random collections of bits will produce the same md5 value, an attacker shouldn't be able to construct a legitimate-looking but different file to match a given hash. But it's an irreversible operation: you can't "decrypt" it, there's no way to extract the original file from the hash. All you can do is run the hash operation on a file you're given and compare the result with a known-good value. If the values match, you can assume that the file you have is an unchanged copy of the original.
Something like this might be used in Construct to check if in-game downloads are complete and uncorrupted, or if you want to make it a little harder for your players to edit their save files; but it doesn't seem like the most pressing of concerns.