
Design of Very Low-Cost RFID Authentication Protocol and Implementation of Gen2 Application

Advisor: Hung-Yu Chien (簡宏宇)

Abstract


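In recent years RFID has been applied in many fields. RFID tags are attached to products, animals, or people for the purpose of identification. However, the wireless nature of RFID allows malicious attackers to mount various attacks, such as eavesdropping, traffic analysis, spoofing, and disabling the service, or to cause sensitive information stored in the tag to leak, which raises many issues of personal privacy and security. To raise the market penetration of RFID tags, using low-cost RFID tags (such as EPC Class1 Gen2) is the more feasible approach, but low-cost RFID tags have limited computing power, small memory, and limited communication capability and gate count, which is not enough to support conventional cryptographic algorithms (such as AES and RSA) for protecting personal privacy and security. Many researchers have proposed security protocols suited to low-cost RFID tags, but problems remain: data leakage, denial-of-service (DoS) attacks, failure to satisfy forward secrecy, and reader and tag data falling out of synchronization so that the next communication cannot take place. This thesis divides these protocols into three categories for discussion: ultra-lightweight, lightweight, and hash-function-based security protocols, and explains their security weaknesses. We also propose a low-cost RFID security protocol that solves the above problems and reduces the number of database searches from O(n) to O(1). In addition, we use Gen2 to implement a system that helps hypermarkets manage fresh foods that have a short shelf life and spoil easily, assuming that the tag memory on each product is already locked when the store receives the goods, which prevents high-priced goods from being counterfeited as low-priced goods for sale. We also apply Gen2 to elder care in smart homes and attempt to keep malicious attackers from obtaining the personal private data in the tags. Because Gen2 tags provide no read-protection function, we suggest that in future the personal private data be encrypted before being stored on the tag, or stored directly in the database.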

Parallel Abstract


Recently, the wide deployment of RFID systems in a variety of applications has raised many concerns about privacy and security. An RFID tag can be attached to a product, an animal, or a person for the purpose of identification using radio waves. For any possible reasons, an adversary may perform various attacks such as eavesdropping, traffic analysis, spoofing, disabling the service, or disclosing sensitive information of tags, and hence infringe people's privacy and security. To attain great market penetration, RFID tags should be low-cost, such as EPC Class1 Gen2, which limits the computation power, the storage space, the communication capacity and the gate count. However, low-cost RFID tags aren't equipped with conventional cryptographic primitives such as AES and RSA to protect people's privacy and security. Currently, there have been many works devoted to designing security mechanisms for low-cost RFIDs. Unfortunately, we find that these works have several security weaknesses, such as compromise of tag information, DoS attacks, lack of forward secrecy, and loss of synchronization between the information held by a tag and a reader. In this thesis, our study focuses on ultra-lightweight, lightweight and hash-function-based security schemes. We analyze the security vulnerabilities of these works and then propose our scheme to improve the security and to reduce the database searching time from O(n) to O(1). In addition, we implement two Gen2 RFID-based applications: one is to effectively manage and market fresh foods (like eggs, fish, meat and milk), and to prevent an adversary from imitating a lower-price food as a higher-price food. The other aims to help the elders in their daily activities, and to attempt to prevent an adversary from obtaining personal private information from tags. Unfortunately, Gen2 tags can always be read by anyone, so we suggest that private information be stored in the database or be encrypted before being written to tags.
