摘要:Last few years, many security schemes are designed for RFID system since the release of the EPC Class 1 Generation 2 standard. In 2010, Yeh et al. proposed a new RFID authentication protocol conforming to EPC Class 1 Generation 2 standard. Yoon pointed that their protocol still had two serious security problems such as DATA integrity problem and forward secrecy problem. Then he proposed an improved protocol which claimed to eliminate the weakness in 2011. This paper shows that Yoon’ s protocol had no resistance to replay attack and did not resolve the problem of data forge and tag’s location privacy. An improved protocol is also proposed to protect RFID system from all major attacks. By comparing to other authentication protocols with respect of security and performance, the results shows that the proposed protocol is feasible for RFID tags which are low cost and resource-constrained devices.