I'm building an application system which consists of a server part "in the cloud" and a client part, e.g. an iPhone or Android app or a web browser.
Server side is implemented in PHP (LAMP) and is today a very simple server with a number of php-files serving each type of method request like: getCustomers.php, addNewCustomer.php and so on. Also, up until now, no security mechanism has been used whatsoever and the ISP hosting the server does not provide SSL. That's right, SSL is not an option for security.
Now, I want to gear up my old system and make it:
1) True RESTful service, and
2) Add security, users must be authenticated and authorized, but passwords in plain text are of course not acceptable.
My question simply is, how do I achieve and realize point 1) and 2) above? Is there any tutorial, book chapter or blog article that describes this combined in a single piece? Or do I need to collect information sprinkled all over the web and then try to combine them the best I can?
And please, if you know the answer, and now I hope I'm not too rude, do not just say OAuth this or OpenID that, instead I would appreciate a lucid explanation of the how or pointers to e.g. blog articles explaining this. Needless to say I have searched the web like a maniac but have, to my big surprise, not been able to find a good answer!?
Regards,
Steve
Is there a tutorial, book chapter or blog article that describes this combined in a single piece?
I can recommend REST in Practice - Hypermedia System Architecture as a guide to building HATEOAS systems. It has no PHP samples, but it includes a full chapter on Web Security Issues, covering HTTP Basic and Digest Auth, OpenID and OAuth, and the attack vectors to be aware of.
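Since the question is about a PHP (LAMP) server with no SSL, here is an added example, written for this page and not taken from the question, the answer, or the book, of what the two points look like together: a single front controller that routes on HTTP method and path instead of one php-file per action (point 1), and gates every route behind HTTP Digest authentication, one of the schemes the recommended chapter covers (point 2). Digest lets the client prove it knows the password without ever sending it, and the server stores only HA1 = md5("user:realm:password") rather than the password itself. The realm name, the nonce secret, the in-memory user and customer tables, and the way the Authorization header reaches PHP are all assumptions for the example.

```php
<?php
// Added example, not code from the original post. One front controller for
// the whole API (replacing getCustomers.php / addNewCustomer.php), with every
// route behind HTTP Digest authentication (qop=auth, MD5, as in RFC 7616).
// Assumptions (hypothetical): REALM, NONCE_SECRET and the in-memory
// $USERS / $CUSTOMERS tables, which would live in config and the database.

const REALM        = 'customers-api';
const NONCE_SECRET = 'replace-with-a-random-32-byte-secret'; // assumption: loaded from config
const NONCE_TTL    = 300; // seconds a challenge nonce stays acceptable

// Store HA1, computed once at registration, never the password. HA1 is still
// password-equivalent for this realm, so protect the table like a password table.
$USERS = [
    'steve' => ['ha1' => md5('steve:' . REALM . ':correct horse battery staple')],
];
$CUSTOMERS = [1 => ['id' => 1, 'name' => 'ACME Ltd']]; // constructed sample data

// A nonce the server can recognise as its own and expire: timestamp + HMAC.
function make_nonce(): string {
    $ts = (string) time();
    return base64_encode($ts . ':' . hash_hmac('sha256', $ts, NONCE_SECRET));
}

function nonce_is_valid(string $nonce): bool {
    $parts = explode(':', (string) base64_decode($nonce, true), 2);
    if (count($parts) !== 2 || !ctype_digit($parts[0])) {
        return false;
    }
    [$ts, $mac] = $parts;
    return hash_equals(hash_hmac('sha256', $ts, NONCE_SECRET), $mac)
        && (time() - (int) $ts) <= NONCE_TTL;
}

// Parse 'username="steve", realm="...", nonce="...", uri="/customers",
// qop=auth, nc=00000001, cnonce="...", response="..."' into an array.
function parse_digest(string $header): ?array {
    $required = ['username', 'realm', 'nonce', 'uri', 'qop', 'nc', 'cnonce', 'response'];
    preg_match_all('/(\w+)=(?:"([^"]*)"|([^\s,]+))/', $header, $matches, PREG_SET_ORDER);
    $fields = [];
    foreach ($matches as $m) {
        $fields[$m[1]] = $m[3] ?? $m[2]; // group 3 = unquoted value, group 2 = quoted
    }
    foreach ($required as $key) {
        if (!isset($fields[$key])) {
            return null;
        }
    }
    return $fields;
}

// Recompute the client's response from stored HA1 and compare in constant time.
function verify_digest(array $d, string $method, string $request_uri, array $users): bool {
    if ($d['realm'] !== REALM || $d['qop'] !== 'auth' || $d['uri'] !== $request_uri) {
        return false;
    }
    if (!isset($users[$d['username']]) || !nonce_is_valid($d['nonce'])) {
        return false;
    }
    $ha1 = $users[$d['username']]['ha1'];
    $ha2 = md5($method . ':' . $d['uri']);
    $expected = md5(implode(':', [$ha1, $d['nonce'], $d['nc'], $d['cnonce'], $d['qop'], $ha2]));
    return hash_equals($expected, $d['response']);
}

function send_challenge(): void {
    http_response_code(401);
    header(sprintf('WWW-Authenticate: Digest realm="%s", qop="auth", nonce="%s", opaque="%s"',
        REALM, make_nonce(), md5(REALM)));
    header('Content-Type: application/json');
    echo json_encode(['error' => 'authentication required']);
    exit;
}

// RESTful routing: the resource is the path, the action is the HTTP method.
function route(string $method, string $path, array &$customers): array {
    if ($path === '/customers') {
        if ($method === 'GET') {
            return [200, array_values($customers)];
        }
        if ($method === 'POST') {
            $in = json_decode((string) file_get_contents('php://input'), true);
            if (!is_array($in) || !isset($in['name']) || !is_string($in['name'])) {
                return [400, ['error' => 'name (string) is required']];
            }
            $id = $customers ? max(array_keys($customers)) + 1 : 1;
            $customers[$id] = ['id' => $id, 'name' => $in['name']];
            header('Location: /customers/' . $id);
            return [201, $customers[$id]];
        }
        return [405, ['error' => 'method not allowed']];
    }
    if (preg_match('#^/customers/(\d+)$#', $path, $m) && $method === 'GET') {
        $id = (int) $m[1];
        return isset($customers[$id]) ? [200, $customers[$id]] : [404, ['error' => 'no such customer']];
    }
    return [404, ['error' => 'not found']];
}

// Front controller: authenticate first, then dispatch. Assumption: mod_php
// sets PHP_AUTH_DIGEST; under CGI/FastCGI the header has to be passed through
// as HTTP_AUTHORIZATION (e.g. by a rewrite rule), which is the fallback here.
$method = $_SERVER['REQUEST_METHOD'];
$uri    = $_SERVER['REQUEST_URI'];
$header = $_SERVER['PHP_AUTH_DIGEST'] ?? $_SERVER['HTTP_AUTHORIZATION'] ?? '';
$digest = $header !== '' ? parse_digest($header) : null;
if ($digest === null || !verify_digest($digest, $method, $uri, $USERS)) {
    send_challenge();
}
[$status, $body] = route($method, (string) parse_url($uri, PHP_URL_PATH), $CUSTOMERS);
http_response_code($status);
header('Content-Type: application/json');
echo json_encode($body);
```

Two caveats a practitioner would want next to this. First, Digest only keeps the password off the wire: without SSL the request and response bodies are still readable and modifiable by anyone on the path, and a captured request can be replayed until its nonce expires (recording each nonce/nc pair the server has accepted closes that window). Second, Digest is built on MD5 and the stored HA1 is password-equivalent, so this is a stopgap for a host that truly cannot offer TLS, not a replacement for it.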