How to find the extractor in the Knowledge-of-Exponent Assumption?

From Mihir Bellare's paper

Let $q$ be a prime such that $2q +1$ is also prime, and let $g$ be a generator of the order $q$ subgroup of ${Z^∗}_{2q+1}$. Suppose we are given input $q$, $g$, $g^a$ and want to output a pair $(C, Y)$ such that $Y = C^a$. One way to do this is to pick some $c \in Z_q$, let $C = g^c$, and let $Y = (g^a)^c$. Intuitively, KEA1 can be viewed as saying that this is the "only" way to produce such a pair. The assumption captures this by saying that any adversary outputting such a pair must "know" an exponent $c$ such that $g^c = C$. The formalization asks that there be an "extractor" that can return $c$.

I understand up how to find a pair $(C, Y)$ such that $Y = C^a$ by choosing any $c \in Z_q$

However, I am confused about what "extractor" means here. Does it mean given the pair $(C, Y)$ one has to find the $c$ which was used to calculate the $C$? If yes, how do we find the $c$ given just $(C, Y)$?

Or does it mean something else?

If we look at the references paper 11, all will be more clear and this is how we read papers; by looking at references.

Abbreviations

• DHA : Diffie-Hellman assumption
• SDHA-1: Strong Diffie-Hellman Assumption -1

Assumptions 8 is about what KEA1 talks about; (SDHA-1). With proposition 9 it is shown that under SDHA-1, DHA holds ( SDHA-1 $\implies$ DHA). KEA-1 is a restatement of this proposition;

KEA1: For any adversary $A$ that takes input $q, g, g^a$ and returns $(C, Y )$ with $Y = C^a$ there exists an “extractor” $\bar{A}$ , which given the same inputs as $A$ returns $c$ such that $g^c = C$. I.e. such $\bar{A}$ is called extractor.

I.e words, if adversary $A$ solves SDHA-1 then $\bar{A}$ ( called extractor) can solve the DHA.