A NIST 800-88 compliant method for safety erase for ChromiumOS devices

Currently Chromebooks encrypt all user data safely, and they get “erased” by simply erasing the vault containing the encryption key, making the data unreadable. While this is definitely a way to achieve the end goal of making user data unintelligible after the user decided to erase their device, it is not compliant with the current state of the art guidelines on media sanitization defined by NIST. The goal of this project is extending the current method for device safety erase, proposing a way to safely erase data from a Chromebook’s internal storage based on sanitize commands and compliant with the NIST 800-88 Guidelines for media sanitization. This method will also be used during the ChromiumOS powerwashing process.