Prince is a block cipher targeting low latency, unrolled hardware implementations. It is based on the so-called FX construction. Its most notable feature is the alpha reflection: the decryption is the encryption with a related key which is very cheap to compute. Unlike most other "lightweight" ciphers, it has a small number of rounds and the layers constituting a round have low logic depth. As a result, fully unrolled implementation are able to reach much higher frequencies than AES or PRESENT. According to the authors, for the same time constraints and technologies, PRINCE uses 6–7 times less area than PRESENT-80 and 14–15 times less area than AES-128.

The block size is 64 bits and the key size is 128 bits. The key is split into two 64 bit keys ${\displaystyle K_{0}}$ and ${\displaystyle K_{1}}$. The input is XORed with ${\displaystyle K_{0}}$, then is processed by a core function using ${\displaystyle K_{1}}$. The output of the core function is xored by ${\displaystyle K'_{0}}$ to produce the final output (${\displaystyle K_{0}'}$ is a value derived from ${\displaystyle K_{0}}$). The decryption is done by exchanging ${\displaystyle K_{0}}$ and ${\displaystyle K'_{0}}$ and by feeding the core function with ${\displaystyle K_{1}}$ xored with a constant denoted alpha.

The core function contain 5 "forward" rounds, a middle round, and 5 "backward" rounds, for 11 rounds in total. The original paper mentions 12 rounds without explicitly depicting them; if the middle round is counted as two rounds (as it contains two nonlinear layers), then the total number of rounds is 12.

A forward round starts with a round constant XORed with ${\displaystyle K_{1}}$, then a nonlinear layer ${\displaystyle S}$, and finally a linear layer ${\displaystyle M}$. The "backward" rounds are exactly the inverse of the "forward" rounds except for the round constants.

The nonlinear layer is based on a single 4-bit S-box which can be chosen among the affine-equivalent of 8 specified S-boxes.

The linear layer consists of multiplication by a 64x64 matrix ${\displaystyle M'}$ and a shift row similar to the one in AES but operating on 4-bit nibbles rather than bytes.

${\displaystyle M'}$ is constructed from 16x16 matrices ${\displaystyle M_{0}}$ and ${\displaystyle M_{1}}$ in such a way that the multiplication by ${\displaystyle M'}$ can be computed by four smaller multiplications, two using ${\displaystyle M_{0}}$ and two using ${\displaystyle M_{1}}$.

The middle round consists of the ${\displaystyle S}$ layer followed by ${\displaystyle M'}$ followed by the ${\displaystyle S^{-1}}$ layer.