Do not try and implement your own encryption scheme. Unless you are a network security and encryption expert you will get it wrong.
The correct way to ensure that data can not be read by a “Man in the Middle” attack like you are describing is to ensure that you have Transport Layer Security (TLS) set up for your application. You may also use the Force SSL package to ensure all connections are mad using TLS. (Also known as HTTPS).
Use this tool by Mozilla to generate a high quality TLS configuration for the most common http servers that will sit in front of your Meteor web application.