Asked by
Naresh
in
Computers & Technology
at
6:03 PM on May 04, 2009
Payal Mehra's Answer
In India, votes are cast on an electronic voting machine (EVM). The EVM seems to have been touted as the ultimate solution to all ills of the Indian voting process.
However, there is more to it than meets the eye. The entire process may be hacked into, knowing that corruption in India is a legendary phenomenon and people can be bribed to circumvent any law.
There were Public Interest Litigations (PIL) filed in Supreme Court of India (SC) for authenticity of voting process using EVM. PIL no W.P(C)No. 191 OF 2004 was heard on 30 April 2004 and was summarily disposed of.
I carried out this analysis of voting process in 2004. My suggestions are based on my observations and past experience of process design, electronics, security, and corruption studies in India. There are very many improvement possible in the suggestions and with improved connectivity, electronic systems and more informed voter/election personnel, it may be possible to create a largely secure (and easy/simple) voting process.
I think that the entire voting process should be secured and not depend entirely on the security (supposed to be) of the EVM alone. It is the voting process that is important, EVM is a minuscule part of it.
Whenever, one part of the process changes, it has an effect on the other parts. And we need to examine the impact of this change. Election Commission of India (ECI) should have looked at the whole process and not the machines alone. The process is important and all pervading, that is the reason why process design, process mapping, BPR and impact analysis is a big business.
So in the present malformed process of voting, if a state or local election officer replaces the EVM at any point in time, more so after the votes are cast, the process security fails. The signatures, seals, tags and stickers can all be duplicated. Let us not forget that fake stamp papers could be printed by Telgi, with connivance of the Security Press staff, despite all kind sof security and security processes.
About EVM
The EVMs are manufactured by a state owned organisation, Bharat Electronics Limited (BEL). BEL and ECI consider obscurity and obfuscation as security, however this is really not security. If you look at the texts on electronic/data security/authentication, they all advise on security by openness and not by obscurity. Thats the reason why all encryption algorithms are available freely.
The EVM is based on a microcontroller (I guess a variant of Intel's 8051), on which, the program and the memory can be protected from external read, but that is very low level (and low quality) security and chip centric, based on the premise that security attacks will be at the electronic module level only. For a really adamant cracker, this is breakable.
I've been involved in lots of reverse engineering projects (including using 8051, FPGAs and so on), where in, I reverse engineered by blackbox technique (that is, plainly look at the functionality and mimic external interfaces) and have always been successful. Its similarly possible to change the microcontroller inside, with the one programmed by someone else or to manufacture the entire EVM ab-initio. Inksigned paper stickers and loops are a child's paly to duplicate or hack through.
Incidently, there are electronics design problem leading to severe EMI/EMC issues in the EVM. The long ribbon cable to the button box is easily susceptible to EMI from even the mobile phone. I could attack the machine by building a hand held interference generator.
EVMs do not authenticate with an external process/system/device, then
(a) How do we know that they have the right program in the chip? Is the compiled code's signatures (digest) checked at the time of boot up, by the software?
(b)How do you know that its the right EVM and not a duplicate?
Also, why doesn't BEL make the design available openly? Lets look at t
Answered at
6:13 PM on May 05, 2009
Read answer