Is there a reference for the above?

Not counting a brute force / dictionary attack, of course.

The downside of WPA is that a lot of older wifi gear doesn't support it, or doesn't work for reasons unknown. I've got several devices. A laptop with a Cisco 350 card which is one of the best wifi adapters for compatibility and performance (very cheap on Ebay, too) which should support WPA via the config in XP, but doesn't. (It supports a number of "corporate" WPA protocols such as EAP but without something like a decent Cisco AP (again, Ebay...) one can't use them.) An HP laptop, c. 2004, which should but doesn't. A few others that don't support it at all. The one adapter which works really well is the Linksys WPC54G, going on Ebay for about £10-15. It even works on WPA/PSK/TKIP when the SSID broadcast is disabled; once you set up the profile it just finds the AP all by itself without any interaction. It works with every AP I've tried so far.