No, a server plugin has no access to the client computer. Even if you made a client plugin it would be very easy to get around or fake. The first rule of any kind of online/multiplayer coding is never trust the client, for anything. A notable exception would be something like Valve's anticheat (VAC) technique, which would be very difficult to implement for Minecraft. I'd love to be proven wrong on this point though ; ).
I think it would be very effective, especially if the clients didn't know you were doing it. It would have stopped every xrayer my server has ever had to deal with. Shame it's not possible.
Not unreasonable, but also not really secure. As soon as a client that verifies its own md5 becomes popular, you can be sure one that fakes it will come out. It's security by obscurity, and only works on a small scale until someone checks what is happening under the hood. There are more advanced in memory solutions to do what you're talking about, but frankly even those run into more complex versions of the same scenario. Even major gaming companies like Blizzard are unable to permanently patch map hacks that come out for their games, it's just the nature of the beast. Basically if the client has the data, you've already lost the war, and Minecraft sends more data to the client than it knows what to do with half the time.