Let's assume $A$ sends $h =\text{Hash(pv||key)}$ to $B$ with $pv$ is a public $48$-bit information. The aim of attacker is to access $key$ given $h$. This is postfix construction.

The attackers must slightly modify the pre-image attack so that they must find not an arbitrary pre-image but they need to find one that has the $pv$ as the prefix. The must include all the input space to figure out the $key$

If we assume that $Hash$ is a secure cryptographic hash function like SHA2, SHA-3, BLAKE2, etc. then all are secure against all attacks. So. the only meaningful way is brute-forcing the input space. When the input space is small, we have the usual problem with the hash function; **small-input space problem**. In this case, the attacker can search the input space one by one with their possible massive parallel computers, ASIC/FPGAs, etc;

- Summit can reach $\approx 2^{74.6}$ hashes in one year.
- Bitcoin miners reached $\approx 2^{79.8}$ SHA-256D hashes per hour on 7 February 2021.

Therefore, we suggest the usual advice; increase the key size to > 128 for non-quantum adversaries or to 256 for all adversaries.

One may consider that; okay we send 256-bit then $B$ hashes it and trim to 72-bits. Don't do this since, in the attacker's sense, you are still using a 72-bit keyspace. When they have the change, they will attack where the 72-bit is used.

Keep the keys safe! Use effective 256-bit key.