Mathematics of EVM Hacking: A Reply to Kannan Gopinanthan’s Letter to Election Commission

#ViewsStrictlyPersonal

In his brilliant piece here, ex-IAS Kannan Gopinathan sir writes a letter to the CEC highlighting potential vulnerability of EVMs towards hacking. Brilliant, pure genius! This is easily the most logical and serious critique of EVMs’ vulnerability towards hacking I have come across. Hats off and huge respect for him.

Now I don’t know whether EVMs can be hacked or not. I am not qualified to answer that. However, let me just assume whatever he says is true. And then let us ask, what is the probability of the nation knowing, if indeed EVMs are systematically hacked.

There is a crucial step during the counting which, as a gold standard, can tell us whether EVMs have indeed been hacked or not. We assume that the paper slips of VVPAT represent the true vote, so the various candidates’ votes counted from EVM should match those counted from VVPAT paper votes. As per Election Commission’s guidelines, in every assembly constituency (and one lok sabha constituency contains many assembly constituencies) 5 EVMs’ votes should be 100% verified against the VVPATs’ votes. This meant that in the 2019 lok sabha elections, 20,625 EVMs were manually and 100% verified against the VVPATs. This counting takes place on a separate counter in the counting room only. Counting agents of all candidates are present on that counter just like all other counters. Each paper vote is shown to all counting agents present before being counted. Finally the tally is matched with EVM’s results. Thus there is absolutely no way this counting can be fudged or managed, hence it serves as our gold standard.

So our question really becomes, if indeed some EVMs are hacked, what is the probability of catching the hacked EVMs in this VVPAT-EVM matching? To do this, lets take 2019 lok sabha election data as shown below from (1) to (7). There amount to be about 3002 EVMs used in each constituency and out of these 38 are randomly picked up for our gold standard testing at the counting time.

Now it is clear that the higher the number of EVMs rigged, the higher the probability of it being caught in this test. So anyone who wants to influence the election results and do so silently, would want to rig the minimum number of EVMs which is sufficient for him. And he would do so only in those constituencies where there is a close fight or so. Although we take various scenarios and present results for the same, in the example below, let us assume that the party rigging the EVMs did so in only 50 lok sabha constituencies and even in those just 1% of EVMs in each constituency or about 30 containing about 11,050 votes on average were rigged.

Now what is the probability that in this constituency, when we pick 38 EVMs at random for testing, none of these 30 rigged EVMs turn up (and we ain’t caught)? Well the number of non-rigged EVMs is 3002-30 = 2972. So if we select any 38 out of these 2972 good EVMs, we won’t get caught. There are 2972C38 or 2972!/(38!*2934!) (where n! is n-factorial or n * n-1 * n-2… * 2*1) ways of choosing the good EVMs. And total number of ways of choosing 38 EVMs for testing out of the 3002 EVMs is 3002C38 or 3002!/(2964!*38!). Thus the probability of picking up only good EVMs in this testing per constituency is the former divided by the latter or 0.68 in this case. This means there is 1-0.68 or 32% chance that if 1% EVMs are rigged in this lok sabha constituency, it would get caught! Fairly high? Not so high? Ok. This is just for 1 constituency. What is the probability that despite rigging in 50 constituencies, none of it shows up in the gold standard testing? It is easy… 0.68 * 0.68 * 0.68 *…. 50 times. Because 0.68 is the probability of not getting caught in 1 rigged constituency, there are 50 rigged constituencies and we don’t want to get caught in any rigged constituency so in reality the probability would be 0.68 ^ 50 which is almost 0. So the probability of EVM hacking getting caught in this gold standard testing across the country in this scenario is really almost 1 which means that literally there is no way EVM hacking will go uncaught!

1. Total number of parliamentary seats543
2. Total number of EVMs used in 2019 lok sabha elections (ECI data)1630000
3. Average number of EVMs per constituency ((2)/(1))3002
4. Total number of EVMs tested against VVPAT in the country (ECI data)20625
5. Avg no. of EVMs tested per constituency ((4)/(1))38
6. Total number of votes polled (ECI data)600000000
7. Avg votes polled per EVM ((6)/(2))368
Assumptions 
8. Total constituencies rigged50
9. % EVMs rigged per constituency1.00%
10. Total EVMs rigged per constituency ((9)*(3))30
11. Total votes rigged per constituency ((10)*(7))11050
To ensure that in the number of EVMs tested, the rigged EVMs don’t show up 
12. No. of non rigged EVMs ((3)-(10))2972
13. Ways of selecting non rigged EVMs for testing ((12)C(5))1.42617E+87
14. Ways of selecting EVMs at random for testing ((3)C(5))2.09391E+87
15. Probability of selecting only non rigged EVMs in testing in 1 constituency ((13)/(14))0.68
16. Probability of selecting at least 1 rigged EVM in testing in 1 constituency (=1-(15))0.32
17. Probability of selecting only non rigged EVMs in whole country ((15)^(8))0.00
18. Probability of selecting at least 1 rigged EVM in testing in whole country (=1-(17))1.00000

If we change the assumptions regarding the percentage of EVMs being hacked in one constituency and the number of constituencies where EVMs are hacked, the results of probability of getting caught are presented in the tables below. See yourself!

Thus table 1 tells you that if a party hacks say 1% of EVMs in a constituency, it can on an average influence only 11,050 votes and runs a 32% chance of getting caught. If it wants to rig more votes say about 55,000 it has to rig 5% EVMs but this increases its probability of getting caught to 86%. In a lok sabha constituency, there are typically over 11 lakh votes polled. So decide for yourself, is it worth the risk?

In Table 2 below, one can see the probability of getting caught if one party tries to manipulate EVMs in multiple constituencies. So lets say if it hacks 1% EVMs in just 25 constituencies, there is a 99% chance it will get caught somewhere! Definitely not worth the risk.

While Kannan sir has highlighted a potential vulnerability, some elementary math here tells us it is still a distant dream to hack EVMs and systematically impact Indian elections!

21 Replies to “Mathematics of EVM Hacking: A Reply to Kannan Gopinanthan’s Letter to Election Commission”

  1. Benefits of being an engineer and mba graduate in apex public administration 😂👍👍
    Awesome presentation sir… between proclaimed falsification Vs proven factually

    Like

  2. If views are strictly personal why are they seen here? Further this all energy burn is on the assumption that EVMs are hacked!
    My strictly personal opinion is that it is just a far stretched conclusion and rumour mongering…

    Like

  3. Why to keep the voter in doubt whether his vote has been gone to the candidate of his choice or not. To clear all the doubts simply shift to ballot paper. America Japan Germany are all more advanced than us and rejected EVMs so why it is being imposed on us. Only vested interests are glorifying the use of EVMs to their political benefits. EVMs cannot be hacked but can be programmed to give desired results.

    Like

  4. Well sir I believe that you are a very good mathematician. One of the best I have ever seen (because of the way you expressed the whole algebra and probability). But don’t you think that it is possible to manipulate the evm before the voting starts. I am saying this because I had an encounter with the figure manipulation in my constituency. There are a total of approx 850 voters in my locality ( almost all of them are RJD supporters) but when the votes were counted only 183 votes were in the evm even though almost every one voted.
    So sir can you please tell me is it possible that the evm can be hacked that way. And also I would like to draw your attention to the vedio of the AAP mla who showed practically that the evm can be hacked in the Delhi assembly.
    I hope I didn’t offend you and that you will explain the problem I am facing( mistrust in evm).

    Like

  5. You are right sir. EVM is checked before vote in front of all party agents and then they are sealed in front of them. Some EVM are checked with 1000 mock votes. On poll day mock poll is a must and it is done in front of the party agents at least 50 in number.

    Like

  6. His theory is correct only “if” their is random selection of EVMs for manually counting.
    If random selection is actually not random, then the theory fails altogether.

    Like

  7. Agreed. The scenario is systematic hacking of a few EVMs. But, what is the VVPAT slips are also manipulated along with vote count? What will happen then ? Because, the average voter do not notice the VVPAT slip and even if some voter manage to notice any probable discrepancy, there is no solution to his grievance. If, he complains to the officials, nothing will happen, no action will be taken. The solution is to provide with another button and only after the voter verifies his Paper Trail and only after pressing the 2nd ZOK button, the paper trail will fall into the box. That way there will not be any possibility of hacking.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s