Well, I'm not much of an expert, but I think this is the best place where I can discuss this.

So, basically, to crack a WPA network, you capture the handshake packets in order to obtain the key hash, right? After that, the only way to retrieve the plain text key is to perform a brute force attack on this hash, wait and pray.

The brute force attack provided by the aircrack suite usually tests 400 - 600 keys per second.

Recently I was looking into hash cracking when I found a technique called Time-Memory Tradeoff. They say it's capable of testing up to 100.000 keys per second (WTF?).

A benchmark is shown in the picture below:



This is from the Rainbow Crack project, really worth taking a look at... Rainbow Project.

I was wondering if that wouldn't also be useful for cracking a WPA hash.

If I said anything stupid please let me know, I'm just trying to help anyway.