The application of RFID technology has gently incorporated into our daily life, e.g. supply chain management, credit cards, barcodes and ticketing. Hence privacy and security in RFID have a particular emphasis inasmuch as RFID tags suffer from some inherent weaknesses. Authentication as a crucial element for all security mechanisms has been an interesting subject in recent years. In this work, we analyze a recently proposed RFID authentication protocol by Kulseng et al. [1] and highlight its security and privacy vulnerabilities. We show that Kulseng protocol (KWYG protocol) being vulnerable to several significant attacks like desynchronization, tag and reader impersonation and traceability attacks. Finally, we propose our protocol to eliminate the vulnerabilities with reasonable storage and computational requirements.