
Cloning a root partition onto a dm-crypt encrypted one


I have Gentoo Linux installed on a 25.93GB/62.43GB partition /dev/sda4.
The other partitions on the disk are 150MB /boot on /dev/sda1 and 56,66GB unused space on the other two partitions.

I am planning to encrypt the unused space with dm-crypt, format it to ext4 and after migrating my installation onto it, to nuke the old partition. My questions here are:

  • Is this possible at all? Or would it require many tweaks to get the installation running on the encrypted volume /dev/sda2?

  • Is this an efficient way? Taking into consideration my 25.9GB Gentoo, would it be less hassle for me if I just encrypted the whole disk and installed Gentoo (and all the packages) again?

  • Should I use encfs or ecryptfs instead of dm-crypt here? Would they provide equal security?

  • What algorithm should I use to encrypt the partition? My processor does not have AES-NI.

  • What should I use to sync the encrypted partition with the other one? Would something like dcfldd work for that?


Edit being written from migrated partition:

  • After deleting the unused partitions and making a new unformatted /dev/sda2, I ran:

    cryptsetup luksFormat /dev/sda2
    cryptsetup luksOpen /dev/sda2 encrypt
    pv /dev/zero > /dev/mapper/encrypt
    

    pv here is used to monitor the progress of writing zeroes, and after this I formatted the encrypted partition to ext4 with mkfs.ext4 /dev/mapper/encrypt.

  • To sync the partitions, I used YoMismo’s recommendation, rsync, after booting the PC from a live USB. It didn’t let me in with chroot though; I had to reboot into my old partition and chroot from there instead. In this process I ran:

    mkdir /tmp/old_partition /tmp/new_encrypt
    mount /dev/sda4 /tmp/old_partition
    mount /dev/mapper/encrypt /tmp/new_encrypt
    cd /tmp/new_encrypt
    rsync -av /tmp/old_partition/* .
    

    and after rebooting the old partition /dev/sda4, opening and mounting /dev/sda2 and mounting virtual kernel filesystems:

  • I made an /etc/crypttab with root UUID=<uuid of /dev/sda2> none luks

  • I altered /etc/fstab to say that my root partition is UUID=<uuid of mapper>.
  • I altered /boot/grub/grub.conf: I deleted root=<root> at the end of the kernel line, and set a crypted device with crypt_root=UUID=<uuid> root=/dev/mapper/root.
  • I ran genkernel --install --luks initramfs to make a new initramfs with LUKS support.

Now I can boot and run it, the only thing left is setting the old partition on fire.
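
A pre-reboot consistency check for the crypttab, fstab and grub.conf edits described in the post above, as an added example that is not part of the original post. The function name, the sample UUIDs and the sample file contents are constructed, and the mapping is assumed to be named root as in the post.

```sh
#!/bin/sh
# Added example. In real use the two UUIDs would come from:
#   cryptsetup luksUUID /dev/sda2             (LUKS container)
#   blkid -s UUID -o value /dev/mapper/root   (ext4 inside the mapping)

# check_luks_boot CRYPTTAB FSTAB GRUBCONF LUKS_UUID FS_UUID
# Prints one line per mismatch; returns 0 only when all three files agree.
check_luks_boot() {
    crypttab=$1; fstab=$2; grubconf=$3; luks_uuid=$4; fs_uuid=$5
    bad=0
    # crypttab: the "root" mapping must name the LUKS container, not the fs.
    src=$(awk '$1 == "root" { print $2; exit }' "$crypttab")
    if [ "$src" != "UUID=$luks_uuid" ]; then
        echo "crypttab: root source '${src:-missing}' is not UUID=$luks_uuid"
        bad=1
    fi
    # fstab: / must be the filesystem inside the mapping.
    dev=$(awk '$1 !~ /^#/ && $2 == "/" { print $1; exit }' "$fstab")
    case $dev in
        "UUID=$fs_uuid"|/dev/mapper/root) ;;
        *) echo "fstab: / device '${dev:-missing}' is not UUID=$fs_uuid"; bad=1 ;;
    esac
    # grub.conf: each kernel line needs crypt_root=<container> and the mapper
    # as root (assumes every menu entry boots the encrypted root).
    out=$(awk -v c="crypt_root=UUID=$luks_uuid" -v r="root=/dev/mapper/root" '
        $1 == "kernel" {
            n++; hc = 0; hr = 0
            for (i = 2; i <= NF; i++) { if ($i == c) hc = 1; if ($i == r) hr = 1 }
            if (!hc) print "grub.conf: kernel line " n " lacks " c
            if (!hr) print "grub.conf: kernel line " n " lacks " r
        }
        END { if (!n) print "grub.conf: no kernel line found" }' "$grubconf")
    if [ -n "$out" ]; then echo "$out"; bad=1; fi
    return $bad
}

# Constructed sample: the two UUIDs are swapped between crypttab and fstab,
# the mistake this check is meant to catch before a reboot.
LUKS=11111111-aaaa-4aaa-8aaa-111111111111   # constructed
FS=22222222-bbbb-4bbb-8bbb-222222222222     # constructed
d=$(mktemp -d)
echo "root UUID=$FS none luks"       > "$d/crypttab"
echo "UUID=$LUKS / ext4 noatime 0 1" > "$d/fstab"
echo "kernel /kernel crypt_root=UUID=$LUKS root=/dev/mapper/root" > "$d/grub.conf"
check_luks_boot "$d/crypttab" "$d/fstab" "$d/grub.conf" "$LUKS" "$FS" ||
    echo "fix the files above before rebooting"
```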

