Don't depend on a single hash algorithm for incremental upgrades
Currently, our update-description files contain exactly one hashsum for every target file. If the algorithm we use has flaws, then we have problems. The approach APT uses is that instead, the package lists contain hashsums computed with different algorithms, for every file whose integrity/authenticity needs to be verified. We should probably do the same.
The most important thing to start with is probably to extend the IUK code, to make it able to verify an arbitrary number of hashsums. Note that the upgrade-description file format already supports shipping multiple hashsums.
Then, we can research the exact list of hashing algos we should use, probably starting with the same list as Debian (iirc: MD5, SHA-1, and a SHA-2 or two). It might make sense to add SHA-3 and the latest djb’s algorithm to the mix.