Broadcast communications is a dominant communication pattern in WSN. In such type of communications, broadcast source authentication is a major security concern, to avoid that an attacker impersonates a broadcast source, modifies its data, or simply broadcasts useless data in order to deplete the limited energy of sensors. Several Broadcast Source Authentication Protocols (BSAPs) were proposed in the literature, amongst them we found time asymmetry- based BSAPs like μTESLA [1] protocol. Time asymmetry-based BSAPs, suffer from a kind of DoS attack, called resource-draining attack, in which an attacker floods the network with fake messages that all sensors of the network buffer and forward, then later verify, thus causing buffer overflow and batteries depletion. In this paper we propose H2BSAP protocol, to overcome this kind of DoS attacks, by achieving a hop-by-hop authentication of broadcasted messages, thus limiting the damage of an attacker to its one-hop neighbors only, instead of the entire network