I suggest you read about Transport Layer Security (TLS); It is probably the simplest reasonable approach to security and has been widely adopted (e.g. https and ftps).
In a sentence, it works by establishing a "secure channel" for your existing protocol to communicate over.