Abstract: Wireless Local Area Networks (WLAN) are now being widely deployed for many applications, but security remains one of the most critical challenges yet to be fully addressed. Recently, a basic solution to this problem namely WLAN Authentication and Privacy Infrastructure (WAPI) provided by China Broadband Wireless IP Standard Group are proposed, which consisted of three versions. Nevertheless, this solution has some drawbacks: the Authentication and Key Exchange (AKE) protocols in WAPI cannot provide perfect forward secrecy. Moreover, the AKE protocol based on pre-shared keys of the last version of WAPI can be subject to off-line dictionary attacks. In this study, we first analysis the security of WAPI, then improvements on AKE protocols of WAPI are proposed.