We show the following results:
* NTRU is anonymous in the quantum random oracle model (QROM) if the underlying deterministic PKE is strongly disjoint-simulatable. NTRU is collision-free in the QROM. A hybrid PKE scheme constructed from NTRU as KEM and appropriate DEM is anonymous and robust. Similar results hold for BIKE, FrodoKEM, HQC, NTRU LPRime, and SIKE.
* Classic McEliece is anonymous in the QROM if the underlying PKE is strongly disjoint-simulatable and a hybrid PKE scheme constructed from it as KEM and appropriate DEM is anonymous.
* Streamlined NTRU Prime has an obstacle for the IND-CCA security proof as Grubbs, Maram, and Paterson pointed out that Kyber and Saber has a gap in the current IND-CCA security proof (Cryptography ePrint Archive 2021/708).
Those answer the open problem to investigate the anonymity and robustness of NIST PQC Round~3 KEMs posed by Grubbs, Maram, and Paterson (Cryptography ePrint Archive 2021/708).
We use strong disjoint-simulatability of the underlying PKE of KEM and strong pseudorandomness and smoothness of KEMs, which will be of independent interest.