Exact match vs. encrypted similarity on breach database
Enter a password to check
Enter a password to check
Traditional breach checking uses hash(password) for exact matching — but an attacker can easily guess near-identical variations that slip through.
This demo combines password embedding for similarity search with CKKS-based Private Information Retrieval (PIR), so the server never sees the password or its embedding — even during the breach lookup.