Of course, I chose the extreme; but combining a few simple Knuth's modular hashes, whose multiplers are different primes (which can even be also randomly selected from a known set of primes when creating the hashmap, or when reindeing it), is genrally enough to resist most attacks without much cost.
I said SHA* are fast by experience with today's implementations (may be they are slow in the current Lua-only libraries, but Lua should provide a set of secure hashes by default because it has many usages.
And if your Lua table is indexed by keys that are critical data which have to be secured for privacy reasons (notably against response time-based side channels), you have to think about secure hashes.
If your hash function is still using a single basic Knuth multiplier with a small prime (like 17 or 21), your table is easily attackable and it is better to choose a large enough prime (at least 15 bits).