Previously, cracking a WPA password required a lengthy and time-consuming dictionary brute-force attack. However, security researcher Erik Tews will demonstrate the first practical approach at the upcoming PacSec conference.
The attack has yet to be detailed in full, but it involves a "mathematical breakthrough" that reduces the computational requirements of breaking the algorithm. Once the approach has been demonstrated in public, Tews intends to write it up as an academic paper. Once the details are in the public domain, it is only a matter of time before software implementing the attack is released.
Elements of the attack are in the tkiptun-ng tool created by Martin Beck (aka hirte), a member of the aircrack-ng team. This tool is able to inject a few frames into a WPA TKIP network with QoS. A few weeks ago, Beck worked with Erik Tews (who created the PTW attack) on a talk for the PacSec 2008 conference: "Gone in 900 Seconds, Some Crypto Issues with WPA".