close
Advertisement

add The News to homescreen

tap to bring up your browser menu and select 'Add to homescreen' to pin the The News web app

Got it!

add The News to homescreen

tap to bring up your browser menu and select 'Add to homescreen' to pin the The News web app

Got it!
June 17, 2021

Int’l auditor finds i-voting system for overseas Pakistanis full of risks

ISLAMABAD: An international audit firm has reported that the existing i-voting solution for overseas Pakistanis has a number of shortcomings and does not fulfill the constitutional requirement of vote secrecy.

The report by the Spanish audit firm Minsait concludes: “As a result of the in-depth analysis of the existing i-voting solution, the audit team agrees that the system, at the state that has been shared with Minsait, does not fulfill the constitutional requirements of vote secrecy, and neither the voters nor the ECP would have any guarantee that the results obtained from the system represent the choices made by the voter.”

A third party audit was done for the government by Minsait for the analysis, design and implementation of internet voting for overseas Pakistanis. In its 231-page report, recently submitted to the government, the audit firm “strongly recommended” that the existing system be upgraded prior to being used in any election.

It warned that the technologies included by Nadra are outdated and vulnerable and could be exploited by attackers. I-voting would remain a risky affair even if the present system is improved, the report says, arguing that the resulting system would probably be more resilient than the current one but would still fail to give all the guarantees that voters and candidates deserve.

The report’s main concern is how to protect i-voting from external and internal attacks – for example by hackers or system administrators. The system must ensure that the vote is secretly cast against any third party, including system administrators and potential hackers, breaking the conventional security measures protecting the voting platform. .

According to the report, the results shown have been achieved after six weeks of audit work comprising the study of documentation, meetings and interviews with stakeholders, source code reviews and tests on the systems provided by Nadra.

“Minsait has done the best possible effort to analyse the situation of the existing i-voting system. Nadra and the ECP provided the information requested, but more detailed documentation would have helped understanding the system better,” said the report.

The report highlighted that in the present i-voting system for overseas Pakistanis, voters have no way of verifying that their vote was cast as intended, recorded as cast or counted as recorded. It added that voter privacy can be broken at several points in the system.

It also pointed out that the server technology and other elements used are outdated and with many known vulnerabilities; key management is inadequate for voting, the encryption process is very inefficient, not using homomorphic encryption; no information is digitally signed; there is no collective protection of private key by selected custodians, and there is no immutable technology being used to ensure the system as auditable.

In order to have a system that would fulfill the constitutional voter secrecy requirements and have the legitimacy that auditable results provide, Minsait recommends improving the system following the roadmap given in the report. “Every aspect on the list shall be implemented. By not implementing one or more of the items, the resulting system would probably be more resilient than the current one, but still would fail to give all the guarantees that voters and candidates deserve,” reads the report.

The recommended strategy as given in the report is as follows: Voter registration should be upgraded; the i-voting solution should be replaced by one that fulfills the requirements set; the weblogic server, operating system, database etc should be upgraded and patched; voter registration, while not being critical on the voter privacy aspect is a target for denial of service or voter impersonation attacks. Therefore, the integrity of the information and the resilience of the service are of paramount importance; voting application improvements; voter privacy improvements; auditability improvements; for the sake of integrity, a task should be implemented to verify the ballot box against the vote signatures on the blockchain, and implement a method for voters to query the blockchain to check whether their vote is in the ballot box (not revealing voter intent).

The report says that the ECP is the owner of the election process, while Nadra and other institutions are service providers. With this understanding, it is the recommendation of the audit team that the ECP should build the resources to control key areas of the i-voting process.

It also recommended legislative changes. The report says that The Election Act 2017 indicates that no voter shall be disenfranchised. “The audit team observes that the current process of having a single day for voting for voters abroad, and during the same time as the voters in Pakistan is, de facto, disenfranchising voters that live in other time zones like Australia or America.”

It added, “Most countries allow voters voting for abroad a period between 5 and 14 days to cast their votes from the remote locations.,” the report said, recommending, “the current legislation be reviewed to increase the voting period from abroad.”