Ballot box is past,
EVM present and e-voting could be the future
IN a few years, voters in democracies around the world may be casting their votes in their pyjamas from their homes. Polling stations and booths, as we may know them now will become extinct. Electronic Voting Machines (EVMs) connected to the Internet will record votes and declare results moments after voting closes. Information about parties, issues and candidates will be available online to help voters decide. Computer scientists all over the world are developing newer technologies to make this dream a reality. The new technology promises to make voting more convenient and less prone to fraud. Experts feel the realisation of this dream will make elections more legitimate through higher voter turnout and increased faith in the democratic system of government. However, the transition from EVMs to remote electronic voting, now called e-voting, raises several technological issues that needs to be addressed before the dream turns into reality.
In the computer world,
votaries of e-voting argue that the success of e-commerce should pave
the way for e-voting. But the extent of abuse of e-commerce can never be
tolerated in an e-voting system and as such e-voting technology has to
be much more trustworthy than existing e-commerce solutions. The success
of any democratic system depends upon the faith of the voters in the
system itself. Thus any e-voting technology must address five main
concerns. Firstly, the system has to be accurate. This means that it is
not possible for a vote to be altered, it is not possible for a
validated vote to be eliminated from the final tally and that it is not
possible for an invalid vote to be counted in the final tally. Secondly,
the system has to be fully democratic in the sense that it permits only
eligible voters to vote and that it ensures that each eligible voter can
vote only once. The next is privacy. The new system must be capable of
ensuring that neither election authorities nor anyone else can link any
ballot to the voter who cast it and that no voter can prove that he or
she voted in a particular way to prevent voters from selling their
votes. Next comes verifiability. The e-voting system must also be able
to independently verify that all votes have been counted correctly. Then
comes convenience. A convenient system allows voters to cast their votes
quickly and with minimal equipment or special skills. Finally the new
system must be flexible. Experts define a flexible e-voting system as
one which allows a variety of ballot formats.
In the USA, the feasibility of remote electronic voting in public elections is currently being studied by the National Science Foundation. Experts there are grappling with some primary concerns. These include:
Coercibility (the danger that outside of a public polling place, a voter could be coerced into voting for a particular candidate), vote selling (the opportunity for voters to sell their vote), vote solicitation (the danger that outside of a public polling place, it is much more difficult to control vote solicitation by political parties at the time of voting) and registration (the issue of whether or not to allow online registration, and if so, how to control the level of fraud). Internet security experts point out that at present the vulnerability of the Internet to denial of service attacks, and the unreliability of the Domain Name Service is proving to be a major hindrance in the development of e-voting technology. They say one reason why remote electronic voting presents such a security challenge is that any successful attack would be high profile, a factor that motivates much of the hacking activity to date. Even more frightening aspect is that the most serious attacks would come from someone motivated by the ability to change the outcome of the poll without anyone noticing. The adversaries to an election system are not teenagers with PCs in garages but foreign governments and powerful interests at home and abroad.
The first requirement for any future e-voting system working on the Net is the voting platform which means the host systems as we know them now. These hosts can be easily attacked through malicious payloads. Though there are thousands of malicious programs doing the rounds of the Net, just one example is enough to illustrate what these could do to an e-election as of today. The freely available Backorifice 2000 (BO2K) is packaged and distributed as a legitimate network administration tool. It is useful as a tool for enhancing security. It runs in stealth mode. The open source nature of the program means that an attacker can modify the code and recompile it in such a way that it can evade detection by security defence software. It has a remote control system that when installed on a machine, enables a remote administrator (or attacker) to view and control every aspect of that machine, as if the person were actually sitting at the console. Experts say it is too much to expect that an average Internet user participating in an online election from home can detect the presence of BO2K on his or her system. Since it can be installed remotely on a user's computer without his knowledge this program will enable an attacker to control every aspect of the voting. The hacker can intercept any action of the user, modify it without his knowledge, and install any other program of the attackers choice on the voting user's machine. The program also monitors every keystroke typed on the machine and has an option to remotely lock the keyboard and mouse. Any hacker can thus influence the outcome of the election by installing such programs on a Net user's while he or she is online.
Viruses and Trojans
E-voting technology developers also cite Chernobyl virus as an example of the security concerns they must address in the e-voting technology. This virus created panic in Asia in 1999 when millions of machines were rendered useless by the virus. Chernobyl can modify BIOS (part of the computer that initialises and manages the relationships and data flow between the system devices, including the hard drive, serial and parallel ports, and the keyboard) of a computer in such a way that it cannot boot. They point out that widespread activation of such a virus on the day of an election could disenfranchise thousands of voters, as their hosts would not be usable. This threat is made more serious by the possibility that the spread of the virus could be designed to target a particular group, thus having a direct impact on the outcome of the election. Malicious codes can be delivered by e-mail automated delivery. Melissa and ILOVEYOU e-mail viruses are by now well known. These when unleashed disrupted Internet temporarily. Should that happen on a polling day, it could ruin the whole election. Avi Rupin, an expert in software security systems says, "Perhaps the most likely candidate for delivering a widespread attack against an election is an ActiveX control, downloaded automatically and unknowingly from a Web server, which installs a Trojan horse (hidden program) that later interferes with voting. Several documented attacks against Windows systems operated exactly this way. In fact, any application that users are lured into downloading can do the same. This includes browser plug-ins, screen savers, calendars, and any other program that is obtained over the Internet. Another danger is that the application itself may be clean, but the installer might install a dynamically linked library (DLL) or other malicious module, or overwrite operating system modules. The number of ways is legion, and most users are not aware of the dangers when they add software to their computers. As long as there are people out there who download and install software over the Internet onto today's personal computers running today's operating systems, it will be easy for attackers to deliver code that changes their votes, to peoples' computers".
Despite the obvious odds, votaries of e-voting are devoting great amounts of energy to the development of defences against such attacks. They also face the problem of making software that will satisfy the law of the nations in which such a system is used. Most countries till now have no law relating to remote e-voting. In the USA some progress has been made in this regard. E-voting technology developers obviously have a long and arduous journey ahead of them. It is one thing to cast your vote on the Net for instant opinion polls, but when it comes to voting to elect governments, the stakes are the highest. Yet, industry experts predict, such a system could be in before the end of the decade in the USA.
However, India could take much longer
than that because of low literacy as well as low computer literacy
levels. But, Indian voters have shown remarkable adaptability to new
technology as is evident from the widespread use of EVMs within four
years of their introduction. Perhaps to begin with, once an e-voting
system is in place in the developed world, India could experiment by
allowing at least voters in the four metros to cast their votes for
their respective local bodies through the Net. Who knows e-voting may
repeat the history of EVMs in the next few years.