EVM challenge to begin on June 3: Hack it if you can, says EC to parties

EC's guidelines for hacking EVMs have not sat well with the AAP

The Election Commission (EC) on Saturday offered its electronic voting machines (EVMs) to be hacked under a "Framework of Challenge" from June 3.

The move comes after some political parties, including the Aam Aadmi Party (AAP), Bahujan Samaj Party (BSP) and Trinamool Congress, have alleged that EVMs can be tampered with and that such tampering took place during the recently concluded state Assembly polls and Delhi civic body polls.  

Foreign experts have been barred from participating in the challenge.

For its part, the commission insists that the machines cannot be tampered with in its custody. It held a demonstration of the EVMs equipped with Voter Verifiable Paper Audit Trail System (VVPAT) machines to prove its point that they cannot be tampered with or manipulated either at the manufacturing stage or during polling, storing and counting.

Chief Election Commissioner Nasim Zaidi announced the schedule for the 'EVM Challenge' under a framework of conditions decided by the Commission. Those unable to prove their point will be dubbed to have failed the test.

He said it will be open to national and state parties which took part in the recent elections in Uttar Pradesh, Uttarakhand, Punjab, Goa and Manipur and claimed that the EVMs were tampered or could be tampered even under the poll panel's safeguards.

The exercise may last four-five days depending on the number of parties expressing interest. A decision will be taken whether to allow the media to witness it, he said.

The parties should prove their claims within the administrative and security protocols prescribed by the Commission at its headquarters from June 3, Zaidi said.

Any party which wants to join the challenge can confirm its participation by May 26. If its representatives fail to turn up on the appointed day and time, they will forfeit their right to take part in the challenge.

What is the exact challenge

The 'Challenge Statement I' says that participants will have to prove that the EVMs used in the five states were tampered to favour a candidate or a party by altering their results stored in the EVMs after the polls.

The claimants will have to alter the results in the Control Units used during these polls in exactly the same scenario as the EVMs remaining within the safeguards of the EC after the polls.

This covers the period of storage in strong rooms or during counting by pressing a combination of keys on Control Unit (CU) and Balloting Unit (BU) or by communication to the CU or the BU or both via external wireless, Bluetooth or mobile phone.

'Challenge Statement II' asks participants to prove that the EVMs used in the five states were tampered before or during polling.

The claimants will have to alter the results in the EVMs used during the polls in exactly the same scenario as the EVMs remaining within the safeguards of the EC before the poll in strongrooms or during polling. 

AAP doesn't like EC's conditions

The AAP said on Saturday that it will meet the EC in two days to seek clarity on the proposed EVM hacking challenge.

Without revealing whether it will take part in the challenge, AAP leader Sanjay Singh said there was no clarity in the EVM hacking challenge.

Earlier, AAP party leaders had sought to demonstrate in the Delhi assembly that the machines could be hacked. 

"In two days, a delegation of our party will meet the EC and seek clarity on the proposed EVM challenge to better understand the terms and conditions," Singh told reporters.

Singh said that the EC had issued certain guidelines regarding the proposed hacking which were not fair. Hacking, he said, cannot be done under guidelines.

"There should be no guidelines for hacking EVMs. EVMs cannot be hacked by reciting mantras. One will need to open it... EVMs can be tampered by changing the motherboard. We showed this in the Delhi Assembly," Singh argued.

Another AAP leader, Atishi Marlena, said that the codes were programmed in the motherboard of the EVMs. So, it will be needed to reprogramme the EVMs' motherboard by opening it, Marlena added.

"Our delegation will also ask the EC whether it will allow the AAP experts to change the motherboard and let them take inside the tools during the challenge," she said.

Zaidi sticks to his guns on EVM security

Zaidi asserted that the machines can't be tampered with through external hardware -- wireless, WiFi, bluetooth device or mobile phones -- nor can they be manipulated at the manufacturing stage because of strict security protocol.

He said the results can't be altered by activating a Trojan Horse through a sequence of key presses because the micro-chip is programmed for one-time use only.

The EVMs can't be physically tampered with nor can their components be changed without anyone noticing, he said, adding the latest technological features make them tamper-proof with features like OTP micro-controllers, dynamic coding of key codes and other measures, he said.

Zaidi said the Commission does not use EVMs made abroad. These are produced through public sector manufacturers — BEL in Bengaluru and ECIL in Hyderabad.

"The software programme code is written in-house by these two companies, not outsourced, is approved by the Technical Evaluation Committee of ECI and subjected to strict security procedures at factory level to maintain the highest levels of integrity," Zaidi said.

The poll panel said each party can nominate up to three persons to take part in the challenge. However, EVMs involved in any election petition or ordered to be sealed by courts will not be available for the challenge.