Now, again, could I somehow direct your attention away from speculations and to what we are ACTUALLY doing (as, again, documented here , and now here as well ).
1. We are not doing plain encrypt-and-mac.
2. The SHA1 in question is for raw unencrypted data.
3. The message key is SHA1-dependent.
4. Note that the AES key and iv depends on that SHA1.
This can be described as a generic composition of cipher with ciphertext, encrypted by a MAC. The resulting data-dependant variable key denies all common attacks.
As for KDF, what particular solution do you have in mind? And even then — certainly, alternative solutions exist, but we do not see how changing this point would affect our system as whole. 
As stated before, we'd welcome any information on attacks that could in reality threaten the actual setup.
 - http://core.telegram.org/mtproto/description
 - https://core.telegram.org/img/mtproto_encryption.png