• Param Dane

Lost EVMs - why your vote is still safe and at the very least, not mis-used

In the past week, several incidences of electronic voting machines (EVMs) being found in places where they shouldn't be, have raised allegations of voter fraud during the elections for the five state assemblies.

While Congress and its allies continue to ramp up their rhetoric against the Election Commision for 'being in cahoots with the BJP' as evident from the rants of twitter user and congress sympathiser Saket Gokhale after some EVMs were allegedly found in BJP leader Krishnendu Paul's car, the controversies didn't seem to end as earlier today, 6th April, multiple EVMs and VVPAT slips were allegedly found in a TMC leader's home according to ANI.

Priyanka Gandhi, the latest entrant into politics from the Nehru-Gandhi clan demanded the Election Commission to address the complaints against BJP and asked for 're-evaluation of the use of EVMs' and reignited the EVM vs Ballot Paper debate.

The tragedy of the matter is that most of the politicians who demand EVMs to be replaced by the old school Ballot boxes know a little too well about how they can exploit them and their followers know none.

While the exact security features of EVMs are not openly disclosed, each EVM is presumably allotted a serial number. A database cross-referencing all such EVMs which are programmed to be used for a particular constituency is maintained centrally by the Election Commision since each EVM has to be programmed individually for the names of candidates for each assembly which means the EC knows exactly how many EVMs were being used at each constituency and maybe even at each booth completely eliminating the possibility of vote-theft wherein cast votes, vote-boxes are simply displaced before being counted.

If an EVM which was to be present in the booth according to EC's database is absent on the counting day, red flags are raised immediately and the booth/constituency is sent to repoll in most cases.

Image of a Ballot Box
Ballot Box made by Godrej & Boyce Mfg. Co. Ltd. | Godrej Archives

Unlike ballot boxes which quite simply are boxes into which slips of paper, called 'Ballots', stamped with the voter's vote are dropped, EVMs cannot be 'cracked' open by a flick of a hammer. Further, vote manipulation during the era of ballot boxes is far from being unheard of, simply because in all practicality if those boxes were resealed after taking out a bunch of ballots (pieces of paper) and few more were added, no one's the wiser and it is practically impossible to detect that certain amount of votes which were casted are absent now.

On the EVM side of things, it is theoretically impossible to even check the number of voters cast for any candidate before the election date and without the appropriate credentials alongside the CU (Control Unit), let alone manipulate them. The Election Commision in fact held a competition challenging political parties to prove otherwise, many parties which initially spread mistrust against EVMs refused to even participate.

For an electronic system like a CPU of a conputer to communicate with peripheral devices, electronic signals must be resolved into say, electromechanical or electromagnetic and vice-versa. Also, the formats in which some data is stored in say a hard drive differes from what the CPU is designed to interpret. To resolve all such conflicts, input/output interfaces are used. They act like the translators between peripherals and the main CPU.

Diagram explaining IO Interfaces
Diagrammatic representation of Input/Output interfaces. GeeksForGeeks

EVMs aren't like mobile phones or laptops which have a plethora of input/output devices and interfaces. The only way to get a vote 'in' an EVM is to press a button during the voting time (set by the EC before sending EVMs at booths and actuated by the polling officer via the control unit) and the only way to check the polled votes is using the specialised credentials provided by the EC itself. One just simply cannot pop in a USB flash drive 'copy the votes' and edit them in microsoft word for there is no interface allowing the same which implies, even if one did manage to get their hands on EVMs after voting is closed, it is nothing but a box full of silicon, capacitors and nothing more.

Hypothetically, even if one managed to somehow get access to the data stored locally on any EVM, it is most likely encrypted to the root and anybody who's faintly acquainted with digital-cryptography knows the impossibility associated with cracking encryption protocols like AES which is widely used, especially by a political goon whose special skills include being good at extortion and intimidation. In all likelihood, any such attempt to electronically manipulate data will render it illegible further raising red flags on counting days.

The politicians demanding a rollback to physical ballot are well acquainted with the vulnerabilities in the old system, the followers echoing the same are kept in dark. As a person whose family spent the majority of their lives in rural districts and seeing my parents voting in ballot boxes for municipal, bank and other local elections, the idea of voting the old way with the strongman of the strongest party peeping over your shoulder confirming you voted for their party sends chills down my spine.

It's only ironic that people make transactions worth billions and billions of rupees throughout the year on electronic payment platforms via their mobile phones but doubt the safety of a closed, protected and locked-down device like an EVM.

Alas, politicians banking on the general mistrust, unawareness and specific illiteracy of masses to fuel their propaganda isn't a new phenomenon. Only this time, it is technology which is the scapegoat to justify their party's losses in elections and the overall ineptitude of their cadre.