It's hard to solve this part of the problem using current wifi protocols. I think this is closely related to other problems that people have studied and I'm sure protocol improvements could be made using public-key crypto or HMAC. As an off-the-cuff example, when you join an encrypted network, it could tell you (over the encrypted channel) a shared secret to use when reconnecting. Then you could broadcast HMAC(secret, current time) or (nonce, HMAC(secret time, nonce)) and if the wifi network recognizes one of those broadcasts as directed to it, it could reply. An eavesdropper who doesn't know the secret wouldn't be able to determine which base station the mobile device was trying to contact.