@pragmatic: Well done with the description

The reason why WPA2 handshakes are so slow is due to the computationally intensive task of calculating the PMK.

If I remember correct, per the specification, the exact syntax for calculating the PMK looks like this:

PMK=PBKDF2(PSK, SSID, SSID.length, 4096, 256);

And the salt is the SSID and not the PSK (please correct me if I am wrong)

256 bits is the length of the output key.

PDBKDF2 like any other key derivation function depends on an underlying pseudo random function which in this case is HMAC SHA1.

I think time taken to compute the PTK is very less compared to PMK computation. As soon as PTK is calculated, the MIC is derived from it.

How different is HMAC SHA1 from a SHA1 cryptographic hash function?

I did not get the time to read through it.

The concept of precomputed rainbow tables is that for a specific ESSID, the PMK is already computed.

For every word in a wordlist, combine it with the ESSID according to the above syntax and calculate the PMK.

So, the rainbow tables you are referring to are precomputed PMKs which reduce the time significantly since the most computationally intensive task in WPA2 cracking is PMK computation.

The reason why WPA2 handshakes are so slow is due to the computationally intensive task of calculating the PMK.

If I remember correct, per the specification, the exact syntax for calculating the PMK looks like this:

PMK=PBKDF2(PSK, SSID, SSID.length, 4096, 256);

And the salt is the SSID and not the PSK (please correct me if I am wrong)

256 bits is the length of the output key.

PDBKDF2 like any other key derivation function depends on an underlying pseudo random function which in this case is HMAC SHA1.

I think time taken to compute the PTK is very less compared to PMK computation. As soon as PTK is calculated, the MIC is derived from it.

How different is HMAC SHA1 from a SHA1 cryptographic hash function?

I did not get the time to read through it.

The concept of precomputed rainbow tables is that for a specific ESSID, the PMK is already computed.

For every word in a wordlist, combine it with the ESSID according to the above syntax and calculate the PMK.

So, the rainbow tables you are referring to are precomputed PMKs which reduce the time significantly since the most computationally intensive task in WPA2 cracking is PMK computation.