Election Commission and IIT-Madras working on E-Voting on a wrong platform

According to the news reports that are circulating, it is reported that the Chief Election Commissioner Mr Sunil Arora in an interaction with the IPS probationers at the SVP National Police Academy, Hyderabad has stated that 

“Election Commission is working with IIT-Madras on using Blockchain Technology for remote voting”.

This statement raises doubts on what exactly is in the minds of the EC and how IIT-Madras scientists are suggesting Block Chain technology for this purpose.

Block Chain technology per-se is a technology of “Authentication” of a transaction which is published to a large number of authentication agents, and the majority acknowledgement of the transaction is taken as a “Deemed Authentication”.

We donot know if the EC is referring to Block Chain technology in this sense or just referring to a “Secure Network” based transaction and wrongly labeling it as Block Chain technology.

In a connected statement, Mr Sandeep Saxena, Deputy Election Commissioner has stated that they will be using a “Controlled Environment”, “White listed IP devices” “Dedicated Internet lines” “Using biometric devices and web camera.”etc.

It is clear that Mr Saxena is speaking of a secure network and this is not the classical “Block Chain Technology”.

Instead of running behind a fad called “Block Chain Technology”, Election Commission should consider use of “Digital Signature” and “E Sign” to let voters vote by remote log in and this is acceptable in Indian law as of now. This can be supplemented with data pseudonymization to achieve the objective.

If the secured network technology as is suggested by Saxena is to be used, the process will have to be Section 65B (IEA) certified and otherwise it would not be legally admissible.

Further, the remote voting based on “Block Chain” technology if attempted would be an invitation for disaster similar to what happened in US elections this year where unaccounted postal ballots caused a disruption to the election system.

If Block Chain technology is used say even for validation of a voter, it has to be based on a confirmation received by a majority of owners of a block chain node either public or private. This network can be easily manipulated to create false IDs and fake Votes.

Hence “Block Chain” technology of the way we understand now cannot be used in the E Voting system. If the EC and IIT Madras have some other technology in mind, they should stop referring it to as “Block Chain Technology” as if it would increase the TRP of the statement.

I look forward to a clarification from the EC and IIT Madras to clarify what exactly they plan to do, why they donot want to use the existing digital signature and E Sign framework and why they are using the terminology of “Block Chain” in this context.

Additional Information Received

As per additional information available, the EC has clarified as follows:

When the vote is cast, the ballot will be securely encrypted and a blockchain hashtag generated. This hashtag notification will be sent to various stakeholders, in this case the candidates and political parties,” the official said.

The encrypted remote votes so cast will once again be validated at the pre-counting stage to ensure that they have neither been decrypted nor tampered with or replaced.

“Suppose there is a Lok Sabha election and a Chennai voter is in Delhi, instead of returning to vote in his or her constituency or missing out on voting, the voter can reach a pre-designated spot set up by the EC, say in Connaught Place, in a particular time window and can cast his vote,” Saxena had said.

EC has said such voters may have to apply in advance to their returning officers to exercise the option.

With this clarification, what the EC’s remote voting system means is  that a copy of the “Vote” would be hashed and the hash value would be sent to the stake holders and the EC. Hash tags of a vote to a given candidate will all be identical and therefore such votes can be segregated into votes for different candidates. This is like the physical ballot paper being put in different boxes. (In case the vote is encrypted before hashing, the confidentiality may be maintained. But the need for keeping the political parties informed is not clear)

The Name “Block Chain Technology” for this is not very appropriate.

Also since votes are cast in specific voting booths, the booth master has to conduct a KYC and the booth agents of all the political parties will be present in the booth. The system only means that instead of one EVM per constituency, the voter can use a virtual copy of EVM of any constituency in the booth and he can exercise his vote.

The block chain concept is only involved in the fact that if there are 5 political parties in the election, then all remote votes would be informed to all the five political parties as and when the vote is cast. If it is sent as soon as the vote is cast, as indicated by the EC, the political parties would come to know the vote cast immediately.

Though the parties may not know who has cast the vote, the number of votes polled for a political party will be known. This would amount to advance information on the polling trend. In case the votes are stored and the forward is initiated only on the counting day, then it would be similar to the current practice of counting postal ballots before the counting of other votes.

A question however arises that if it is possible to send the postal vote immediately in hash form to the parties, then why not introduce the same system for the normal EVM votes also which prints out the VVPAT slips. At the same time, the hash value can be sent to the parties.

However this would create a law and order situation as the losing party would immediately disturb the election process.

If such advance information can harm the normal voting system, then it is obvious that the suggested system is also wrong.

On the other hand, I recall that I had suggested a system of “Cyber Law Compliant EVM system” through this website sometime around 2000. (Refer here). Even a prototype was suggested for development by BEL. However at that time the technology of touch sensitive screens was expensive and the system was perhaps not commercially feasible. But now VVPAT system is in place and it is working well enough.

What can be done:

The postal ballot system can be introduced in a different manner as follows.

  1. Authentication of the voter has to be based on e-sign .
  2. Casting of vote is done by a virtual EVM created on the fly based on the constituency to which the voter is attached.
  3. The Virtual EVM would be displayed on a touch screen and when the voting button is pressed, the system should create a voting symbol on the screen (as if a rubber stamp has been put on a printed ballot), capture the screen image, calculate the hash value and store the hash value in a printer.
  4. Just like a serial number being present on the voter slip which is entered in the physical election booth under a serial number which can be linked to the specified VVPAT, it may be possible to establish a link to the digital signature with the actual vote cast through a serial number. To ensure privacy there may be pseudonymization of the digital signature record with the pseudonymization table being kept with an official other than the one who has control to the Virtual EVM.
  5. The Virtual EVM should be counted just like the other EVMs on the day of the counting but at one central place.
    1. At this time, the votes should be verified with the hash value once again to rule out any corruption or manipulation from the time of voting and the time of counting and then sent to the respective counting booth of the constituency through a digitally signed communication from the central counting booth to the constituency counting booth.
    2. Then it can be merged with the counting at that booth.
    3. The Ujvala-Bellur  e-document audit system can be used for the verification of the votes.

I hope this system can be given effect to.

 

Naavi

 

 

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.