Federal Information Processing Standard 181 defines a standard for an
automated password generator to be used in "all federal departments
and agencies where there is a requirement for computer generated
pronouncable passwords"... for passwords of between 5 and 8 characters
long.

Basically it's a generator which takes a good PRNG and a bunch of
fixed syllables (composed from lowercase ascii letters) and uses the
former to drive concatenation of the latter, producing at the business
end a "pronouncable password".

Reading FIPS181 (http://csrc.ncsl.nist.gov/fips/fips181.txt) one gets
a good feel for the reduction in search space that this algorithm
provides to the password cracker.

Section 2.4 cites that the algorithm is capable of producing
"approximately 18 million 6-character" passwords; compare this with
the set of 309 million lowercase 6-character passwords, and we see
that the lack of entropy in the output has reduced the search space to
about 5% of it's original size.

Interesting; from this basis we may pose the following student project:

--
1) Either:
	create an implementation of the FIPS181 algorithm with a
	backdoor, namely that you include the ability to drive the
	algorithm's PRNG input to the password generation routines,
Or:
	create an exhaustive word generator *and* a filter that will
	quickly identify an arbitrary text string as being a plausible
	output of the FIPS181 algorithm

2) Use your above software to create an exhaustive dictionary of *all*
possible N-character FIPS181 passwords, for values of N constrained by
your resources.

3) sort/uniq, dawg and gzip this dictionary and put it up on an
Internet FTP site, posting an announcement of a new Crack dictionary
containing all possible N-character plaintext federal passwords.

4) Write an essay describing your experiences of consequent federal
investigation, backbiting and paranoia.
--
To verify the feasibility of (3), the author can confirm that the
highly redundant 2Gb dictionary of all possible 6-character lowercase
passwords (newline separated) compresses to about 7Mb under dawg/gzip.
YMMV.
