diff --git a/src/cbc.rs b/src/cbc.rs
index e3ad2c0..efa51da 100644
--- a/src/cbc.rs
+++ b/src/cbc.rs
@@ -7,7 +7,7 @@ fn xor(a: &[u8], b: &[u8]) -> Vec<u8> {
         .collect()
 }
 
-fn enrypt_aes_128_ecb_block(key: &[u8], data: &[u8]) -> Vec<u8> {
+pub fn enrypt_aes_128_ecb_block(key: &[u8], data: &[u8]) -> Vec<u8> {
     let cipher_type = symm::Cipher::aes_128_ecb();
     let block_size = cipher_type.block_size();
     let mut encrypter = symm::Crypter::new(cipher_type, symm::Mode::Encrypt, key, None).unwrap();
@@ -20,7 +20,7 @@ fn enrypt_aes_128_ecb_block(key: &[u8], data: &[u8]) -> Vec<u8> {
     cipher[0..count].to_vec()
 }
 
-fn decrypt_aes_128_ecb_block(key: &[u8], data: &[u8]) -> Vec<u8> {
+pub fn decrypt_aes_128_ecb_block(key: &[u8], data: &[u8]) -> Vec<u8> {
     let cipher_type = symm::Cipher::aes_128_ecb();
     let block_size = cipher_type.block_size();
     let mut encrypter = symm::Crypter::new(cipher_type, symm::Mode::Decrypt, key, None).unwrap();
diff --git a/src/ctr.rs b/src/ctr.rs
new file mode 100644
index 0000000..a26c967
--- /dev/null
+++ b/src/ctr.rs
@@ -0,0 +1,37 @@
+use crate::bytes::Bytes;
+// use crate::cbc;
+// use openssl::symm;
+
+fn _xor(a: &[u8], b: &[u8]) -> Vec<u8> {
+    Iterator::zip(a.iter(), b.iter())
+        .map(|z| *(z.0) ^ *(z.1))
+        .collect()
+}
+
+pub fn _encrypt(Bytes(_key): &Bytes, Bytes(_data): &Bytes) -> Bytes {
+    // let block_size = 16;
+    let result: Vec<u8> = vec![];
+    // let mut prev_cipher: Vec<u8> = iv.to_vec(); // first xor input is IV
+    // for data in data.chunks(block_size) {
+    //     let xored = xor(&prev_cipher, data);
+    //     let mut cipher = cbc::enrypt_aes_128_ecb_block(key, &xored);
+    //     prev_cipher = cipher.to_vec(); // cipher is input for next xor
+    //     result.append(&mut cipher);
+    // }
+    Bytes(result)
+}
+
+pub fn decrypt(Bytes(_key): &Bytes, Bytes(_data): &Bytes) -> Bytes {
+    // XXX: does not handle padding for last block
+    // let cipher_type = symm::Cipher::aes_128_ecb();
+    // let block_size = cipher_type.block_size();
+    let result: Vec<u8> = vec![];
+    // let mut prev_cipher: Vec<u8> = iv.to_vec(); // first xor input is IV
+    // for cipher in data.chunks(block_size) {
+    //     let xored = cbc::decrypt_aes_128_ecb_block(key, &cipher);
+    //     let data = xor(&xored, &prev_cipher);
+    //     result.extend(data.to_vec());
+    //     prev_cipher = cipher.to_vec();
+    // }
+    Bytes(result)
+}
diff --git a/src/main.rs b/src/main.rs
index 3df20d3..edb91b3 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,6 +1,7 @@
 mod bytes;
 mod bytes_base64;
 mod cbc;
+mod ctr;
 mod ecb;
 mod parser;
 mod set1;
diff --git a/src/set3.rs b/src/set3.rs
index 3da6557..ba46f66 100644
--- a/src/set3.rs
+++ b/src/set3.rs
@@ -1,6 +1,7 @@
 use crate::bytes::Bytes;
 use crate::bytes_base64::BytesBase64;
 use crate::cbc;
+use crate::ctr;
 use rand::Rng;
 use std::io::{BufRead, BufReader};
 
@@ -95,5 +96,11 @@ pub fn challenge17() {
 }
 
 pub fn challenge18() {
-    println!("[xxxx] Challenge 18: ");
+    let key = Bytes::from_utf8("YELLOW SUBMARINE");
+    let cipher = BytesBase64::from_base64(
+        "L77na/nrFsKvynd6HzOoG7GHTLXsTVu9qvY/2syLXzhPweyyMTJULu/6/kXX0KSvoOLSFQ==",
+    )
+    .to_bytes();
+    let cleartext = ctr::decrypt(&key, &cipher).to_utf8();
+    println!("[xxxx] Challenge 18: {cleartext}");
 }