RFID technology has gained tremendous popularity in the recent years. The tiny, inexpensive RFID tags can be easily attached to objects for seamless identification. However, one glaring weakness of RFID tags, especially passive RFID tags is its lack of capability for implementing strong crypto primitives for security purposes. When no or a weak crypto primitive is implemented, the adversary could easily eavesdrop to the communication session between the reader and the tag, he can potentially gain all the secrets about the tag. In doing so, the secrecy of the messages and the privacy of the tag is violated. In this paper, we introduce a new framework that would protect the messages transmitted from the tag to the reader. This framework makes use of the physical properties of RFID systems by sending a random time-varying waveform from the tag to the reader for power harvesting rather than a fixed amplitude waveform. We show theoretically this framework is secure against one eavesdropper by showing the eavesdropper's decoding error probability is very close to 50%. Furthermore, we have implemented our framework, the experimental results also confirm with our theoretical results. Finally, we will discuss two more stronger forms of attack.