168 CHAPTER 7 Security for Mobile Ad Hoc Networks authenticate the source so as to prevent unautho- rized nodes from initiating resource consuming route requests. The source S creates and signs a request that includes the destination D , the source, a sequence number, and a weight list. S then broadcasts the request. When an intermediate node receives a request, it checks its list of recently seen requests whether there is a request matching this request (same source, destination, and request identi- fiers). If it is not there and and the source's sig- nature is valid, it stores the request in its list and rebroadcasts the request. If there is a match- ing request, the node does nothing. When D receives a new request from S for the first time, D verifies the authenticity of the request, cre- ates and signs a response that contains S , D , a response sequence number and the weight list from the request packet. D then broadcasts this response. When an intermediate node receives a hear a REQUEST without that node listed, or must be able to invert the one-way hash function. · Ariadne route maintenance. A node for- warding a packet to the next hop along the source route returns a ROUTE ERROR to the original sender of the packet if it is unable to deliver the packet to the next hop after a lim- ited number of retransmission attempts. To pre- vent unauthorized nodes from sending ERRORs, it is required that an ERROR be authenticated by the sender. Each node on the return path to the source forwards the ERROR. If the authenti- cation is delayed, each node that will be able to authenticate the ERROR buffers it until it can be authenticated. 7.7.5. On-Demand Secure Routing Protocol Resilient to Byzantine Failures (SRPRBF)