RFID authentication has many security and privacy issues due to the lightweight operation. Many research achievements in RFID focus on strengthening the entire system and solving the security problems. Recently, a hash-based RFID security protocol with the purpose of updating the identifier of the tag in both the reader side and the tag side was proposed. However, there exists inherent risk in the ID-updating when the adversary blocks the message, where the backend processing system (BPS) cannot recognize the tag due to de-synchronization of the identifier in last several sessions. In this paper, we propose an enhanced ID-updating hash-based RFID authentication protocol with strong privacy protection, in which ID-updating is able to resist de-synchronization attack. The possible feedbacks in our protocol are taken into consideration. Our proposed protocol is proved to be effective and secure in real applications.