I guess most asymmetric schemes fall into this. 300 bits is quite a large chunk. Most schemes randomize, if possibly in a specific domain. For instance, removing 300 bits from a randomized RSA ciphertext would mean that the modular exponentiation would return the incorrect response - if it would execute at all (RSA explicitly requires a ciphertext that is the same size as the modulus size in bytes). Guessing 300 bits of what is essentially randomized data is computationally infeasible.

Note that if you'd use a deterministic scheme then you could try and guess the plaintext message, and then test if it generates the same ciphertext, after which you could decrypt. Generally we don't use deterministic schemes though.

Similarly, if you'd remove the entire ephemeral DH public key within an hybrid IES scheme then the receiver would not be able to calculate the (symmetric) secret used to encrypt the data.

For hybrid encryption an all-or-nothing transform could also be used, as indicated in the comment section.

Beware that there are many protocols and container formats out there. It is very possible that you remove 300 bits or 37 / 38 bytes from those and still be able to decrypt if you miss the actual ciphertext or an important part of header required derive the actual decryption key.