Tuesday, May 30, 2023

The murky side of the EMVs

Despite elaborate safeguards, Electronic Voting Machines (EVMs) which Botswana will use in the 2019 general elections are vulnerable to serious attacks.

EVM Software Isn’t Safe

The EVMs are safe and secure only if the source code used in them is genuine. India’s  EVM manufacturers, Bharat Electronics Limited (BEL) which will supply the machines to Botswana and Electronics Corporation of India (ECIL), have shared the “top secret” EVM software programme with two foreign companies, Microchip (USA) and Renesas (Japan) to copy it onto micro-controllers used in EVMs.

This process could have been done securely in-house by the Indian manufacturers. Worse, when the foreign companies deliver micro-controllers fused with software code to the EVM manufacturers, the latter cannot “read back” their contents as they are either OTP-ROM or masked chips. The software given to foreign companies is not even made available to the Election Commission, ostensibly for security reasons.

With such ridiculous decisions, the security of the EVMs has been rendered a mockery.

EVM hardware is not safe

The danger for EVM manipulations is not just from its software. Even the hardware is not safe. Dr. J. Alex Halderman, Professor of Computer Science at the University of Michigan says: “EVMs used in the West require software attacks as they are sophisticated voting machines and their hardware cannot be replaced cheaply. In contrast, the Indian EVMs can easily be replaced either in part or as wholesale units.”

One crucial part that can be faked is micro-controllers used in the EVMs in which the software is copied. EVM manufacturers have greatly facilitated fraud by using generic micro-controllers rather than more secure ASIC or FPGA microcontrollers.

Not just only micro-controllers, mother boards (cards which contain microcontrollers) and entire EVMs can be replaced. Neither the Election Commission nor the manufacturers have undertaken any hardware or software audit till date. As a result, such manipulation attempts would go undetected. To detect such fraud, the upgraded EVMs have a provision to interface with an Authentication Unit that would allow the manufacturers to verify whether the EVM being used in the election is the same that they have supplied to the Election Commission. The EVM manufacturers developed an “Authentication Unit” engaging the services of SecureSpin, a Bangalore-based software services firm. The Unit was developed and tested in 2006 but when the project was ready for implementation, the project was mysteriously shelved at the insistence of the Election Commission.

Vulnerability to hacking:

The Indian EVMs can be hacked both before and after elections to alter election results. Apart from manipulating the EVM software and replacing many hardware parts discussed above, Indian EVMs can be hacked in many ways. Two possibilities may be mentioned:  Each EVM contains two EEPROMs inside the Control Unit in which the voting data is stored. They are completely unsecured and the data inside EEPROMs can be manipulated from an external source. It is very easy to read (data from) the EEPROMs and manipulate them. The second and the most deadly way to hack Indian EVMs is by inserting a chip with Trojan inside the display section of the Control unit. This requires access to the EVM for just two minutes and these replacement units can be made for a few hundred Pula. By-passing completely all inbuilt securities, this chip would manipulate the results and give out “fixed” results on the EVM screen.

Contrary to claims by Indian election authorities, these paperless EVMs suffer from significant vulnerabilities. Even brief access to the machines could allow dishonest election “insiders” or other criminals to alter election results.

Who are these insiders?

Unlike in the traditional ballot system where only the election officials were the “insiders”, the electronic voting machine regime has spawned a long chain of insiders, all of whom are outside the ambit and control of the Election Commission. There is every possibility that some of these “insiders” are involved in murky activities in fixing elections. The “insiders” include the Bharat Electronics Limited (BEL) and Electronics Corporation of India (ECIL), the foreign companies supplying micro-controllers and private players engaged for checking and maintenance of electronic voting machines during elections.

A team of researchers showed precisely how a display component could be replaced with a fake substitute programmed to steal a percentage of the votes in favour of a chosen candidate. They also demonstrated how stored votes could be changed between the election and the public counting session, with a pocket-sized device. The team, comprising Hyderabad-based NetIndia, Dr J Alex Halderman, Professor & noted expert on electronic voting security from the University of Michigan and Holland-based security expert Rop Gonggrijp, was instrumental in the ban on EVMs in the Netherlands.


Read this week's paper