RFID is considered as a significant technology which supplies amounts of change in chain management. The most important problem with the RFID system is that the attacker can access the tag's information, which leads to the security and privacy problems. Aimed at these problems, a secure hash-based mutual authentication protocol is proposed by utilizing the hash function, the PRNG (pseudo-random number generator) and the secret key. In the proposal, the tag conceals the ID with a random number, the hash function and the secret key. A hash value is transmitted as a substitute for the ID, which realizes the anonymous transmission of the information. The reader and the tag authenticate each other, which eliminates intended or meaningless interferences from the attacker. The computational complexity of the proposed protocol is the same with several hash-based protocols, provided adequate security level and efficiency for practical applications.