In recent years, researchers have proposed many authentication protocols for RFID tagged objects supporting tag ownership transfer. In this paper, first we present a tag traceability attack on a recent authentication protocol, called LSDARP+, proposed to enhance its predecessor, known as the LSDARP protocol. The LSDARP protocol is based on a sliding window mechanism with two important “authentication” and “ownership transfer” phases. We also show that LSDARP’s ownership transfer phase fails to protect new owner privacy. Moreover, we present our proposal for improving the security of these protocols. The proposed protocol has two phases, the “authentication” phase which is based on the sliding window mechanism, and a dedicated “generating new shared keys for new owner” phase. Finally, we show that our proposed protocol is secure and lightweight enough for the EPC-C1G2 standard.