UHG
Search
Close this search box.

Hacking India’s Electronic Voting Machine is Next to Impossible

Musk set the ball rolling with his tweet doubting the reliability of EVMs. However, research shows that EVMs are impossible to hack

Share

Indian EVMs Are Unhackable

Elon Musk, the CEO of Tesla and SpaceX, whipped up a political storm of sorts in India ever since he wrote that post on X criticising electronic voting machines (EVMs).

Musk set the ball rolling with his tweet doubting the reliability of EVMs, citing media allegations of vote abnormalities in hundreds of EVMs during the elections in Puerto Rico.

Rajeev Chandrasekhar, who led the previous government’s electronics and information technology ministry, responded to Musk by stating that the X owner’s comment implied that “no one can build a secure digital hardware”.

He added that he’d be happy to run a tutorial for Musk on how to build a secure EVM. Musk responded to the BJP leader, saying, “Anything can be hacked.”

How EVMs Work

An EVM is made up of two units: the control unit and the ballot unit, which are connected by a cable.

The Election Commission of India (ECI) now uses third-generation EVMs, called M3 machines, which are not connected to the internet. These lack the physical components to connect to Bluetooth or Wi-Fi, making them resistant to remote hacking efforts.

Each EVM functions as an independent device, akin to a rudimentary calculator, and does not require an external power source. Instead, they are fueled by an internal battery that BEL instals.

Raising Questions

India’s election authorities have consistently stated that voting machines cannot be tampered with, and physical interference, if any, is quickly detectable.

However, these claims have been disputed on several occasions.

In 2010, University of Michigan researchers attached a homemade device to a machine and were able to modify the outcome by sending text messages from a cell phone. Indian authorities denied the assertion, stating that simply obtaining the equipment to tamper with would be difficult.

In 2017, Saurabh Bharadwaj, an Aam Aadmi Party (AAP) politician, revealed how easily a dummy EVM could be hacked.

Bharadwaj alleged that a “manipulator” may enter the polling booth during voting and insert a unique secret code, directing the following votes to a specific candidate. He also stated that an EVM’s motherboard could be swapped in mere a 90 seconds. 

Can EVMs be Hacked?

In the 2011 municipal and state primaries in Pennsylvania (USA), experts concluded that their EVMs were remotely managed (controlled).

Indian electronic voting machines, on the other hand, operate differently. 

EVMS are stand-alone machines that are not networked or connected to the internet. Machines in the United States are connected to a server and operate through the internet, rendering them vulnerable to cyberattacks.

Layers Of Protection

EVMs can be hacked in two ways: wirelessly and wired. According to several cybercrime and election specialists, EVM hacking is a tremendously difficult task. EVMs are not networked devices, therefore hacking one would necessitate modifying the machine itself.

This means that anyone seeking to hack an EVM cannot do so remotely and must have physical access to the machines themselves, necessitating coordination with the EVM manufacturing authority, the ECI, and corporations that manufacture the chips used in EVMs.

EVMs are currently created by only two public sector units in India, and the engineers who make them have no idea where an EVM they have manufactured will be deployed.

First, take a quick glance at the conventional architecture of an EVM. Each one-time programmable microcontroller includes instructions for the machine, such as storing one vote in the EVM memory for candidate A when button A is pressed.

It is important to note that this device can only be programmed once. This means that the physical microcontroller chip must be modified EVM by EVM in order to change the microcontroller’s functionality.

This is not viable due to two factors. First, each saved programme has a checksum (derived from the unique sequence of instructions) that is recorded on the device. If a hacker successfully replaces all EVMs with new microcontrollers (by desoldering the old and soldering the new), the checksums will change, indicating a malicious attack.

Not pre-decided

In addition, the system in use today requires the EC officer to use double randomisation, meaning the EVM used in each polling booth is randomly assigned at the last minute. In addition, the candidate list and the order of the candidates in each EVM are not pre-decided. 

This means that there would be no way to change the microcontroller behaviour to favour a candidate in advance.

Next, we’ll look at the microcontroller’s associated memory, which stores results. This memory normally contains the number of votes for each contender. To gain access, hackers must physically open each EVM, bypass the microcontroller, read micro-traces, and modify memory contents.

By the way, when the results are announced, the total is also tallied, thus the hacker must exercise caution when changing the results to ensure that the total is preserved.

A successful hack would result in the physical destruction of the EVM and clear evidence of the attack.

Finally, someone may hack the EVM’s display, insert an alternate display unit, and display erroneous results. This would necessitate the production of new circuit boards ahead of time, as well as the repetition of many of the loops outlined above.

Again, it goes without saying that a simple inspection of the EVM (which is always conducted in public and in front of each candidate’s representatives) would disclose hacking.

Additional measures

Despite the numerous methods used to construct and design EVMs to prevent tampering, concerns regarding tampering persist. In the 2010s, the ECI opted to implement an additional layer of protection known as the Voter-Verified Paper Audit Trail (VVPAT).

The VVPAT enables each EVM to record each vote by generating a voter slip, which is displayed to voters. This serves two purposes: voters are quickly informed that their vote has been registered, and the slips are collected and counted at the end of the voting process.

In conclusion, while it is impossible to declare with absolute certainty that EVMs cannot be hacked, it is undeniable that EVMs are arguably the greatest voting technology available today. While they may have shortcomings, their built-in checks and balances create a system that is incredibly difficult to tamper with or hack into. 

📣 Want to advertise in AIM? Book here

Picture of Anshul Vipat

Anshul Vipat

Anshul Vipat is a tech aficionado, enthusiastic about the latest innovations in the digital world. He also holds keen interest in traveling, exploring and cooking
Related Posts
19th - 23rd Aug 2024
Generative AI Crash Course for Non-Techies
Upcoming Large format Conference
Sep 25-27, 2024 | 📍 Bangalore, India
Download the easiest way to
stay informed

Subscribe to The Belamy: Our Weekly Newsletter

Biggest AI stories, delivered to your inbox every week.

Flagship Events

Rising 2024 | DE&I in Tech Summit
April 4 and 5, 2024 | 📍 Hilton Convention Center, Manyata Tech Park, Bangalore
Data Engineering Summit 2024
May 30 and 31, 2024 | 📍 Bangalore, India
MachineCon USA 2024
26 July 2024 | 583 Park Avenue, New York
MachineCon GCC Summit 2024
June 28 2024 | 📍Bangalore, India
Cypher USA 2024
Nov 21-22 2024 | 📍Santa Clara Convention Center, California, USA
Cypher India 2024
September 25-27, 2024 | 📍Bangalore, India
discord-icon
AI Forum for India
Our Discord Community for AI Ecosystem, In collaboration with NVIDIA.