How would two people with burner phones communicate?

Burner phone numbers as an OTP 'equivalent'

You can think of the "identities" of those phones (phone number, SIM, phone itself/IMEI) as an equivalent of one-time pad encryption - you exchange the phone numbers (multiple) over a secure channel - e.g., when meeting in person; and then they're secure and provide no useful information (for network/metadata analysis) as long as you discard them after a single use.

In your proposed scenario, Jack would have picked up a bunch of prepaid phone cards and given you the list of those numbers. Afterwards, if you'd need to contact him, you would call the first number on the list, have your conversation, and after that you could both discard the phones. If you'd expect a future call, then you'd turn on the phones corresponding to the second item on your lists.

If you know Jack

A few weeks or months before the call, you could create a simple web page with a login wall and a signup page. In order to sign up, you need to write your phone number. By using standard measures, you can hide your access to the website, hide as much as possible the website in the deep web and protect the database.

You now need to tell Jack the URL: this can be done in different ways, including using a standard dead drop or - if you are Jason Bourne, it should be a piece of cake- by breaking into Jack's house and putting pieces of paper with the URL in the pockets of every trouser,jacket,etc. he uses (obviously the pieces of paper must not be handwritten, and you must check the absence of watermarks on the paper, so to avoid identification of the printer).

At this point, you and Jack separately buy your burner phones. Jack uses an open wifi network to access the website and write his phone number in the database. At a given time, you log in, retrieve the number from the website and write it. The website can be built in such a way to delete its content after been accessed twice. You are now ready to call Jack.

The tricky part is guaranteeing that the other phone number written in the database is actually Jack's and not Mike's (Adm. Michael S. Rogers). This can be achieved by agreeing codewords to be used at the beginning of the phone call (which can be written on the above-mentioned pieces of paper).

EDIT

Jeff Meden suggested the possibility of a man in the middle attack. Basically, the scheme outlined doesn't prevent Mike from replacing the number entered by Jake with his own number and setting up a relay to forward calls to Jake's burner phone. In this way, Mike could be able to listen the conversation between Jason and Jack.

This attack could be thwarted (thanks again to Jeff!) by encrypting the data entered in the database (in this case, Jack's number) with a pad written on the pieces of paper planted on Jack.

Of course, if a history mechanism doesn't exist, Mike could arbitrarily alter the ciphertext, knowing that if the corresponding plaintext is not a valid phone number, the call will not take place.

Burner phones may not typically be used like that, although they could be. To answer your little scenario, you can try area code tricks with hidden messages stored somewhere that's accessible to each of you.

This answer assumes you have to register the phone and provide details. If you don't have to register, this answer does not apply.

---

Area Code Registration Tricks

This is the first step. It's all in the area code. You both sign up in the same area, using two real addresses in the same zip code, in somewhat close proximity within the same hour.

They are not your addresses, but that doesn't matter. Many places in the U.S. require you to register with an actual address. Both of you will now be given similar phone numbers with the same area code, and the same local code:

1. Jason Bourne: 707-555-0001

2. Jack Bauer: 707-555-0100

You and Bauer will be using some kind of protocol, somewhere, somehow, where either of you can find the last four digits of each other's phone number using something that only the two of you know.

---

Hidden Messages

This is the second step.

1. Here's a rough example that is easy to understand: Bauer then posts something like ABAA. Your little "cipher" decodes A to 0, and B to 1. When decoded, this translates to 0100. And then you call 1-707-555-0100.

2. Hiding in plain sight is much better, as there are lots of ways to hide messages in every day sentences that don't stand out, or make people suspicious. Maybe you'll have a programmable answering machine where you can set the recording of a phone number that both of you know.

   *"Hi, mom. I'll be late to Christmas Dinner. My plane was delayed. It's really cold here. Literally 0 degrees. I'll arrive around 1 O'Clock. Save me some meatloaf! MOM! THE MEATLOAF! So cold... can you believe it? It's zero degrees!"

Even if someone decodes your little trick, they find four numbers. What are they going to do with it? There's a lot of different possibilities as to what those numbers mean. Good luck figuring it out. You should use something other than A=0, and B=1. It's just there are a rough example.