Note that general-purpose hash functions often end up needing cryptographic behaviour. E.g. there was a recent-ish spate of DoS attacks on web frameworks that would pass query parameters via a (general-purpose) hashmap - by sending a large number of query parameters that has to the same thing you could force the webserver to spend a lot of processing time building the map.
It seems like for purposes of DoS attack resistance, you could pretty easily design a hashtable that starts with a fast hash and switches to a cryptographically secure one if it detects an attack (if the biggest single bucket/chain gets over a certain size, for instance).
User input is user input, though, and should always be treated as a potential attack. Hashtables always need to perform acceptably under malicious input. Regexes are another piece of technology that must be specifically hardened that are often not considered as an attack vector.
I think most languages now just seed a random nonce in the hash function so you can’t predict it. Another option might be to use a different datastructure for untrusted input maps. Here is one such structure: https://cr.yp.to/critbit.html
Note that general-purpose hash functions often end up needing cryptographic behaviour. E.g. there was a recent-ish spate of DoS attacks on web frameworks that would pass query parameters via a (general-purpose) hashmap - by sending a large number of query parameters that has to the same thing you could force the webserver to spend a lot of processing time building the map.
It seems like for purposes of DoS attack resistance, you could pretty easily design a hashtable that starts with a fast hash and switches to a cryptographically secure one if it detects an attack (if the biggest single bucket/chain gets over a certain size, for instance).
User input is user input, though, and should always be treated as a potential attack. Hashtables always need to perform acceptably under malicious input. Regexes are another piece of technology that must be specifically hardened that are often not considered as an attack vector.
I think most languages now just seed a random nonce in the hash function so you can’t predict it. Another option might be to use a different datastructure for untrusted input maps. Here is one such structure: https://cr.yp.to/critbit.html