We give an outline of the specification and provable security features of the QUAD stream cipher proposed at Eurocrypt 2006 [6]. The cipher relies on the iteration of a multivariate quadratic function over a finite field, typically GF(2) or a small extension. In the binary case, the security of the keystream generation can be related, in the concrete security model, to the conjectured intractability of the MQ problem of solving a random system of m equations in n unknowns. We show that this security reduction can be extended to incorporate the key and IV setup and provide a security argument related to the whole cipher. We also briefly address software and hardware performance issues and show that if one is willing to pseudorandomly generate the systems of quadratic polynomials underlying the cipher, this leads to suprisingly inexpensive hardware implementations of QUAD. Key words: MQ problem, stream cipher, provable security, Gr¨obner basis computation