Quick back of the napkin guess about the government's current ability to crack passwords... There are probably a lot of flaws in reasoning. Feel free to point them out and I will adjust accordingly.
In 1998 the EFF built a machine called Deep Crack for about $250,000. It was capable of checking 90 Billion 56 bit DES encryption keys per second which means the whole keyspace could be searched in about nine days.
Speculation begins here...
Assumption 1: Moore's Law holds when it comes to dedicated decryption hardware. If you could check 90 Billion 56 bit keys per second in 1998 for $250,000, and there are (rounding up) seven doublings over the ensuing 13 years, then you could check 2^7 * 90,000,000,000 = 11,520,000,000,000 56 bit keys per second in late 2011 for $250,000.
Assumption 2: You can check 2 AES keys (regardless of size) in the time you can check one 56 bit DES key. This puts the late 2011 capability at 23,040,000,000,000 keys per second for $250,000 dollars.
Assumption 3: The federal government can afford a lot more than $250,000 for a password cracking rig. I figure $10 Billion is an entry level price before it starts to attract attention, so that ups the capability by about 40,000 times to 921,600,000,000,000,000 keys per second.
That puts us at about 913 quadrillion keys per second capability in late 2011... Or about 92,160,000 keys per second per dollar spent...