Ever consider the possibility that your laptop client is mis-reporting the connection status? I played with a Belkin F5D7001 PCMCIA card that did exactly that. It reported all connections as not-encrypted.
"Open Authentication" is something different. It has to do with whether the system also uses the shared encryption key for partial authentication. The choices are usually "open" or "shared key". Shared key is a security risk as sniffing it give excessive clues as to the contents of the shared key. Open is considered to be the safer choice.
dd-wrt 2.3 is still in beta testing. Releases still seem to be arriving almost daily but the announcement on the home page implies that it's just about ready to be declared stable. Along the way, there were some bugs that involved WPA. I don't recall that this is one of them, but it might be worth updating to a later release and see if it fixes the problem.