By Mohammed Anis Akhtar for Twocircles.net
The integrity of the world’s largest democracy, India, depends on the reliability and validity of elections, held on a regular basis under the supervision Election Commission of India (ECI) and conducted exclusively using electronic voting machines (EVM).
But following the results in the UP elections, discredited and shocking reports are being racked up by political leaders across the state. However, it is important to remind the readers that this is not the first time such a point has been made. In 2009, Subramanian Swamy filed a case in the high court against Congress party for manipulating the EVM. A few weeks ago, voices against alleged “EVM scam” were raised by the Maharashtra local body and similarly Mayawati in her correspondence with Akhilesh Yadav has accused the BJP of tampering the EVM machine.
Issues on the security of EVM has continuously been shaking the trust of voters and compromising the integrity of secrecy of the ballot. So, before losing the voters’ trust in the electoral process, it is necessary that facts must be brought into the light by analysing the working features of the EVM. It will make people conscious with the iniquitous trend of EVM.
The Electronics Corporation of India (ECI) and Bharat Electronic Limited (BEL) jointly make the EVMs for India as well as export to some developing countries. Since 2004, the EVMs have been used nationwide and after two years in 2006, third-generation EVMs were introduced with some additional changes that are still in use.
Technical description of EVM has never been revealed due to security and intellectual property rights concern. The EVMs employ over-simple design software called Trust Computing Base (TCB) that is more prone to attack than other Direct Recording Electronic (DRE) voting machine. The control unit main board, control unit display board, the ballot unit board and ballot unit communication collectively are assembled to build the EVM. All these parts are not strong enough to be immune to attacks and tampering can be done with a much simpler information. At the initial stage of formation, the software can easily be tampered before manufacturing the CPUs for EVM. Those CPUs are manufactured by a Japanese company and there is high scope at the hands of a technician to alter the compiled program image before burning the software into the chip. Moreover, when the manufactured CPUs are shipped to India to accommodate into the control unit main board, it might be possible that a facsimile CPU can be built inside with full of the bogus votes. An equal amount of tampering might be done in circuit Boards by the supply chain or attacker.
The attacker can directly read and write EEPROM chips by adding and manipulating internal feature of the machine. Furthermore, dishonest display boards can be fit to the EVMs by the attacker carry hidden microcontroller through which a number of votes can be altered and lead to fraudulent results. Once a dishonest display is fit to the EVM, it can simply be connected to a mobile phone via Bluetooth signalling by which candidates’ votes are to be altered whimsically. The vulnerability of attack extends to the involvement of a device that clips directly to the EEPROM memory chips and persistently records the casting votes in the EVMs. This device can be gently adjusted in a shirt pocket and at the time of vote counting, the criminals use the clip on device to change the records of votes.
A UART (Universal Asynchronous Receiver/Transmitter) apparatus is also used dishonestly to disclose the EVM control unit and a wire is easily connected to the CPU to hold it in. There are rotary switches in EVM that work to select the number from 0 to 9. When rotary switch fits in a favoured position it can function in a way that facilitates vote stealing. Furthermore, with about 1.4 million EVMs in use, merely robbing a few of the EVMs is enough to turn the result of the election in close a race. The EVMs are sealed before activating it to the booth for function. The seal punched is of poor quality and unsophisticated, and can be easily tampered with no distinguished efforts.
The third-generation EVM use the Election Software Mask that is built in a way that makes it difficult to crack. Highly complex coding makes it difficult for BEL and ECIL to verify its originality of the source code. The EVMs do not use even basic cryptography to protect vote data internally, and hence the auditing of voters can’t be done.
It is said that all aforesaid tampering activities can be operated covertly without the involvement of any field-level poll workers. The advancement of nanotechnology along with the maintenance of status quo by the election commission opens multiple windows for the attackers. Officially, a committee was instituted in 1990 comprising of C. Rao Kasarbada, P.V Indiresan and S. Sampath on the security of EVMs. The committee, by and large, came up with the tamper-proof system in the intended environment and in 2006 expert committee was re-established under the guidance of A.K Agarwal, D.T Shahani and P.V Indiresan and again the EVM was proved to be tamper-proof.
In 2006, PV Indiresan who led the commission in a television interview said that doubting the security of EVMs is almost asking Sita to prove her virginity by having a trial by fire. Unfortunately, in both of committees, none of the members were experts in the Electronics and the reports made by the committees relied just on presentation, demonstration and site visits. The original source for the reviewing the security of system were out of record to report. The DREs have been discontinued in many of the countries due to the security threat and for India, resuming the conventional ballot system will demand more budget, personnel, time and energy. Therefore, the election commission should resort to a fresh committee on the security issues of the EVM and the committee must contain expert from Electronics.
All these challenges should be tackled quickly before cracking the hope of people in process of election which will ultimately protect the democracy from wreaking havoc. Therefore, the commission should reach to the decision for implementing the voter- verifiable paper trail (VVPAT) as soon as possible or other option like precinct-count optical scan (PCOS) voting system should be reviewed for the possible used in which the paper fill in the ballot are to be scanned by the machine. Whatever so, the urgent essential focus is for the commission to upgrading the EVM to the standard of possible attacking resistance and further efforts on the transparency of election system should be pursued.
The author is a doctoral fellow at the Department of Political Science, AMU, Aligarh.